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Award-Winning Web Hosting 

When you're the best at what you do, people notice. That's 
why 1&1 was named Best Web Hosting Company of 2005 by 
Hostreview.com, a leading independent web hosting research 
firm. And it's not just the industry experts who are sold on 1 &1 . 
With 5 million customers and counting, many of our best 
recommendations still come by word-of-mouth. 

Hosting services provided since 1995 
Innovative web applications 
150 in-house programmers 

One-stop shop for all your 
website needs 

All-inclusive prices with no 
hidden charges 

2^ 90-day money back guarantee 
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Follow the Leader 

As the world's #1 web host, 1&1 continues to raise the standard 
for reliable hosting even as we maintain our low prices. 1&1 has 
taken the guesswork out of web hosting by offering all-inclusive 
plans starting at $2.99/month, with no hidden costs or fine 
print. The industry has responded as the competition rushes to 
match 1&1's features, but there can only be one leader. 

World's Largest Web Host 

With 2.9 million active sites worldwide, 1&1 is a 
global leader in volume and web hosting power. 




Source: Netcraft Ltd-www.netcraft.com April 1, 2006 
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Editor's Note 



Personal computer security was so much easier back in the day; seemed 
like all you had to do was make sure you didn't load any strange floppies 
from the wrong side of the tracks, and you were pretty much guaranteed 
to avoid any sort of malware infestation. 

Now, of course, things are different. Achieving any level of computer security 
requires the proactive installation, configuration, and upkeep of multiple security 
apps, a hardware firewall, encryption for your WLAN, and so on. That's before 
you even consider encryption for your VoIP calls, physical security to prevent 
unauthorized onsite access, antitheft devices for notebooks, and yada, yada, yada. 

And after all is said and done, if someone who really knows what he's doing 
decides he wants into your system, all that stuff might not make the slightest dif- 
ference. Much like the physical security of our homes, PC security ultimately 
comes down to the common-sense application of a reasonable array of tools and 
methods that give us better-than-average odds against the garden-variety intruder. 

Unlike home security, though, the threats to our PCs and networks are constant- 
ly changing in order to beat our countermeasures, so it's not safe to assume that 
because you had your system locked up tight as a drum last year, it's still that secure. 
Thus we present this month's Spotlight section on PC security. Head to page 46 for 
in-depth discussions of the latest virus, Trojan, and worm threats, a look at the 
growing spyware menace, a piece on rootkits, and info on the most sophisticated 
social engineering threats. We'll discuss hands-on steps 
you can take to beat this stuff that go beyond 
clicking your antivirus software's Scan button, 
and we'll even look at some hardware that can 
boost your overall state of secureness. 

Elsewhere this month you'll find our takes on 
some of your options where uninterruptible power 
supplies are concerned (page 16), interviews with 
the Garriott brothers (page 108) and RFID 
watchdog Katherine Albrecht (page 104), 
and an excellent mod that turns a mild-man- 
nered Pentium D 805 into a blazing power- 
house that rivals the Extreme Edition 965 in 
several metrics. This issue also marks the sec- 
ond installment of Barry Brenesal's "Cutting 
Edge" column, so check that out on page 94. 

We'll see you again in about 30, and thanks 
for reading. 
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Chris Trumble, Publication Editor, CPU 
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Need more octane for gaming 
or digital media? Upgrade 
your memory and see an 
immediate performance 
difference! Corsair offers the 
world's fastest memory 
in an extensive range of 
high-density 1GB and 2GB 
modules. Choose DDR1 or 
DDR2, and find solutions for 
Intel and AMD processors. 
Of course, every module 
features the legendary quality 
that has made Corsair the 
world's most awarded memory. 




XMS2 DDR2: WORLD SPEED LEADER 
I GB and 2GB solutions for all 
Intel performance motherboards. 



XMS & XMS2 XPERT 

I OB and 2GB solutions. Features the 

world's first parametric LED display. 



XMS & XMS2 PRO 

I GB and 2GB modules. World's most 

popular activity-indicating LED solution. 



XMS 

I GB and 2GB modules in classic XMS 
packaging. The DDR I speed leader. 



VALUE SELECT 

I GB and 2GB value solutions for 

standard desktops and notebooks. 
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Seeing Double: 
Nvidia Twin Tuners 

"Dual" everything has become the official 
theme of the PC world. Once you 
have your dual-core CPU and 
two-card video array in place, 
it's time to consider two 
TV tuners. The $169 
Nvidia DualTV MCE 
part gives Media Center 
Edition PCs the power to 
record two different chan- 
nels simultaneously, watch one 
show while recording another, or just send 
two separate channels to different TVs in your home. The PCI card 
has an internal splitter to divide an incoming analog video connec- 
tion into two signals, and it includes an FM receiver for recording 
and playing radio. The DualTV MCE records in MPEG-2 format at 
720 x 480 resolution, and Nvidia's MediaSqueeze technology will fit 
all the "Different Strokes" episodes you can stand on your hard 
drive. (Check out our hardware review on the card on page 22.) A 




Dell & Toshiba Get Game 

Loosen that tie and grab a controller, Mister VP. Two main- 
stream business computing giants got serious about the hot 
gaming PC market this month. In its largest acquisition to 
date, Dell purchased high-end specialty PC maker Alien- 
ware. Dell already offers its own XPS line of enthusiast rigs 
but will let the Miami company remain a standalone brand 
and profit from the higher margins these cutting-edge com- 
puters represent. Meanwhile, the otherwise buttoned-down 
Toshiba became the first laptop maker to incorporate 
Nvidia's latest portable 3D accelerator, the GeForce Go 
7900 GS. Although Toshiba still hasn't embraced the sexy 
nomenclature of gaming PCs, its P105-S921 got the tech- 
nology right: 160GB storage, Intel Core Duo CPU, and 17- 
inch widescreen. Now about that name. ... A 
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Your Cursor 
Comes To Life 
With Mus2 

PC peripheral design goes all postmodern 
on us with the Mus2 wireless mouse. 
Using the same shape as the Windows 
cursor it controls on-screen, the Mus2 
plants the two action buttons at the tip 
with a power indicator in the handle to 
warn that your batteries are low. The opti- 
cal sensor works at 800dpi, and it accepts 
standard or rechargeable cells. Art 
Lebedev, who also gave us OLED key- 
boards and emoticon cushions, brings us 
this curious "innovation." The Mus2 will 
be available this month and cost about 
$60 (as of this writing). The site says that 
this mutant mouse actually fits the hand 
quite nicely. Sure, if you like wielding a 
saber to control your PC. A 




Art Lebedev's Web site says that his 
cursor-shaped wireless mouse 
"doesn't cause any discomfort." 
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Upholstered Laptops On the Way 



Your next laptop or digicam may be upholstered. Hoping to 
make the Centrino both functional and sexy, Intel and Toray 
Ultrasuede have created concept computers with ultrasuede 
coverings. These "touchable laptops" have microfiber inte- 
grated directly into the casing in blocks of color that resemble 
a Mondrian painting. According to the "Intel/Ultrasuede 
Laptop Style Study" (there are actually such studies?), 73% of 
us want technology that reflects our personal style. And along 
with shoes and apparel, 76% of us look at one another's tech- 
nology style choices. The ultrasuede stylings are not mere 
appliques; they need to be baked into a design, so we will 
have to wait for an OEM to offer these upholstered models 
directly. And we're guessing they won't be machine washable. 
One more thing to dry clean! A 




Microfiber isn't just for sofas and vests anymore. 



Hardware Mole 



LG Straddles The Next-Gen DVD Fence 



Can't decide whether to go BD (Blu-ray Disc) or HD DVD? If other manufacturers follow LG 
Electronics' lead, you may not have to commit to one side in this frustrating war over next-gen 
formats. Even though LG has supported the Sony-led BD camp in the past, the hardware 
maker told dealers to expect a dual-mode device that will play back both BD and HD DVD 
discs later this year. Analysts say that the hardware manufacturers finally realize that everyone 
will lose in a protracted battle over formats, so expect to see more consumer-friendly devices 
that play on both sides of the fence. A 




0ft. 



Can next-gen DVD 
players bring peace to 
the hi-def format wars? 



Will A PS3 Cost As Much As A Laptop? 

A Sony executive in France ignited wild speculation about PS3 pricing when he 
suggested that the upcoming console could cost as much as 500 to 600 euros (or 
$600 to $730). The Sony corporate suits quickly corrected the press accounts, 
claiming that no price had been set. In the kind of backpedaling usually reserved 
for "misspeaking" politicians, the Sony handlers claim that its executive was sim- 
ply indicating how its BD-powered, HD-capable unit would still be a bargain at 
such a price. Uh, huh! A 

Finally, Power Goes Wireless 

All of our devices have gone wireless, except for the power that runs them. 

Until now. Tech provider ThinkGeek.com is offering the novel WEC 

(Wireless Extension Cord; $34.99) that sends power between a 

plugged-in base unit and a satellite receiver up to 300 feet away. 

And don't worry about the 7.2GHz microwave frequencies 

it uses to invoke this wizardry. The company says its 

WEC units put off no more harmful effects than the 

normal "leakage" from a typical microwave oven. OK, 

we'll try it, but if the coffee beside our laptop starts to 

boil, we're pulling the plug. A 
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It's coming, and it's going to be sleek, 
stylish, and 'spensive. 




Using microwaves the WECs (Wireless 
Extension Cords) can send power to 
devices up to 300 feet away. 
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IBM Launc hes SecureBlue Encrypti on For Microprocessors 

IBM says it has a new technology that will vastly increase the security of ordinary consumer 
gadgets and a host of electronic gear. The SecureBlue technology is a hardware-based 
encryption accelerator that the company's engineers can integrate onto any CPU. By 
putting hardware encryption on the CPU die itself, SecureBlue can speed up encryption 
and decryption tasks. Moreover, it could be much more secure than off-chip encryption 
technologies, says Charles Palmer, senior manager of security and privacy at IBM Research. 
Often, hackers can crack encrypted traffic by intercepting it as it moves from an encryption 
processor over a data pathway into memory or the CPU. With SecureBlue, however, data 
can move in encrypted form from memory into the CPU where it will be decrypted as it 
moves into the CPU itself. "This helps us do away with the weak links in the system," 
Palmer says. He didn't say which devices use the SecureBlue technology, but he did say that 
devices have been shipping for a couple of years. A 

Rapport Discloses Plans 

To Create Chip With 1 ,025 Processors 

Rapport hopes to shake up the handheld computer world with a new microprocessor that has 
1,025 processing cores on a single chip. Andrew Singer, CEO of the Redwood City, Calif, 
startup, says the chip will be ideal for delivering smooth, high-definition video faster on a cell 
phone or handheld computer. Rapport is teaming up with IBM to launch its Kilocore 1025 
chip in 2007. The Kilcore 1025 will use an IBM PowerPC core to control the smaller cores on 
the chip. It takes advantage of the ability to reconfigure itself on the fly to accomplish a great 
deal of processing without consuming a lot of power, Singer says. Rapport is already shipping 
an earlier version of its chip (the KC256) with 256 processors on one chip. A 



Watching The Chips Fall 

Here is pricing information for AMD and Intel CPUs. 



'Retail price 

** Manufacturer's price per 1,000 units 

Other current prices, if indicated, are lowest OEM prices 

available through Pricegrabber.com 



CPU 


Released 


Original 
price 


Last month's 
price 


Current 
price 


AMD Athlon 64 FX-57 


6/27/2005 


$1,031** 


$898 


$898 


AMD Athlon 64 FX-60 


1/10/2006 


$999** 


$1,011 


$1,011 


AMD Athlon 64 X2 Dual-Core 3800+ 


8/1/2005 


$354** 


$292 


$287 


AMD Athlon 64 X2 Dual-Core 4200+ 


5/31/2005 


$537** 


$350 


$347 


AMD Athlon 64 X2 Dual-Core 4400+ 


5/31/2005 


$581** 


$447 


$447 


AMD Athlon 64 X2 Dual-Core 4600+ 


5/31/2005 


$803** 


$556* 


$543 


AMD Athlon 64 X2 Dual-Core 4800+ 


5/31/2005 


$1,001** 


$625 


$619 


Intel Pentium Processor Extreme Edition 955 3.46GHz dual-core 


12/27/2005 


$999** 


$1,011 


$1,018 


Intel Pentium 4 631 3Ghz 2MB cache 800MHz FSB 65nm 


12/27/2005 


$178** 


$145* 


$174* 


Intel Pentium 4 640 3.2GHz 2MB cache 800MHz FSB 90nm 


2/21/2005 


$273** 


$212* 


$208* 


Intel Pentium 4 641 3.2GHz 2MB cache 800MHz FSB 65nm 


12/27/2005 


$218** 


$215* 


$216* 


Intel Pentium 4 650 3.4GHz 2MB cache 800MHz FSB 90nm 


2/21/2005 


$401** 


$249* 


$270* 


Intel Pentium 4 651 3.4GHz 2MB cache 800MHz FSB 65nm 


12/27/2005 


$273** 


$278* 


$272* 


Intel Pentium 4 660 3.6GHz 2MB cache 800MHz FSB 90nm 


2/21/2005 


$605** 


$329* 


$329* 


Intel Pentium 4 661 3.6GHz 2MB cache 800MHz FSB 65nm 


12/27/2005 


$401** 


$408* 


$400* 


Intel Pentium 4 670 3.8GHz 2MB cache 800MHz FSB 90nm 


5/26/2005 


$849** 


$610* 


$603* 


Intel Pentium D 820 2.8GHz dual-core 2MB cache 800MHz FSB 90nm 


5/26/2005 


$241** 


$212* 


$197* 


Intel Pentium D 830 3GHz dual-core 2MB cache 800MHz FSB 90nm 


5/26/2005 


$316** 


$235* 


$254* 


Intel Pentium D 840 3.2GHz dual-core 2MB cache 800MHz FSB 90nm 


5/26/2005 


$530** 


$352* 


$341* 


Intel Pentium D 920 2.8GHz dual-core 2MB 800MHz FSB 65nm 


12/27/2005 


$241** 


$251* 


$229* 


Intel Pentium D 930 3GHz dual-core 2MB 800MHz FSB 65nm 


12/27/2005 


$316** 


$324* 


$317* 


Intel Pentium D 940 3.2GHz dual-core 2MB 800MHz FSB 65nm 


12/27/2005 


$423** 


$437* 


$421* 





Intel Pentium D 950 3.2GHz dual-core 2MB 800MHz FSB 65nm 



12/27/2005 



$637** 



$651* 



$625* 



Luminary Micro's 
Stellaris Chips 
Incorporate Low- 
Po wer ARM Core 

Luminary Micro has a memorable 
price for its 32-bit microcon- 
troller: $1. The Austin, Texas,- 
based startup uses an ARM 
Cortex-M3 32-bit core in its chip, 
running at 20MHz. A wide range 
of applications that are currently 
dominated by slower 8-bit and 
1 6-bit microcontrollers can use 
the 32-bit processor, says Wendell 
Smith, director of marketing at 
Luminary Micro. At the April 
2006 Embedded Systems Confer- 
ence, the company showed off the 
microcontroller in a robotic toy 
car that could sense obstacles and 
move around them. The micro- 
controller has onboard memory 
and is targeted at access control, 
motor control, and other embed- 
ded applications. A 
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Wikipedia vs. Britannica 

Wikipedia has had its share of inaccuracies, and because of the nature of this online 
beast that anyone can edit, these errors have all been made public. (You might 
remember the "biography" written about John Seigenthaler and his association 
with the Kennedy assassinations, which the man himself proved false.) But what 
about errors in other online encyclopedias such as Britannica? Nature recently pub- 
lished a study ( www.nature.com/nature/journal/v438/n7070/full/438900a.html ) 
comparing Wikipedia and 
Britannica revealing "numerous 
errors in both encyclopedias." 
Britannica, however, says the 
study was "sloppy and careless" 
and seemed to take a "pro- 
Wikipedia" position. If and 
when this debate gains force, it's 
important for users to acknowl- 
edge that we all make mistakes, 
and we should all double-check 
our resources before blindly 
believing or even criticizing 
information we find online. 

www.keepyouronlinestufforganized.tel 

June seems to be the month for online organization. (See the "Keep Track Of Your 
Life With Google Calendar" article.) ICANN is contemplating the introduction of a 
new domain to help you organize all your online (and some offline) stuff. A .TEL 
domain Web site would help you sort your email and instant messaging accounts, 
Web sites, and phone numbers and easily provide all of this information to others 
on one .TEL Web site. Whether this new domain will be useful or just another 
thing for us to remember remains to be seen; ICANN reviewed the plans for .TEL 
in April, but we might not see a decision for months. 

Keep Track Of Your Life With 
Google Calendar 

Co ^k- 

Google recently released a beta ver- 
sion of an online calendar called — 
you guessed it — Google Calendar. 
The Calendar helps you simplify 
and synch major and minor events 
in your day-to-day schedule. Similar 
to Microsoft's and Yahool's calen- 
dars, you can follow the events you 
enter, but you can also share your 

calendar with friends (or the world) and even create and send invitations to them 
to attend the next LAN party you're hosting. The Google Calendar is free with a 
Google account and syncs easily with Gmail, other calendar programs, and devices 
that use iCal or XML files. 



Organize your life with Google's new Calendar. 
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Site 
Seeing 

YouVe Got Game: Online 

If you want to find game online for 
free — get your head outta the basement; 
we're talking sports here — check out 
Sportsvite.com. Maybe you're looking to 
hook up with someone to show off your 
mad one-on-one 
hoops skills or 
assemble a group 
of competitive 
spirits to play poker; on Sportsvite.com 
you could find the perfect match (or 
matches) for you. 

P2P Internet TV Sharing 

Veoh.com is not just another Web site 
where you can watch amateurs' bad video 
clips; it's an "unregulated Internet TV 
network" that uses PeerCasting (similar to 
traditional P2P file sharing but for TV- 
quality video sharing). OK, so there are 
some unpleasant video clips on Veoh.com, 
but there are some pretty good ones, too. 
And why not check it out when you can 
upload your newest home-grown sitcom 
(any length, any size file) free? 



<5eoh 



BETA i Home My Veoh Channels Friends Upload 



-Featured Videos- 
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Unplug Your Web Search 

Imagine that you can't get an Internet con- 
nection on one of your wireless devices (we 
know, as //that would ever happen, but 
let's pretend), and you need desperately to 
check the online auction you're bidding on. 
What will you do? Check your hard drive, 
of course, because you have a new, free ser- 
vice called Webaroo that lets you search 
Web sites while you're offline. As the Web 
site says, it's "search . . . unplugged." 
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AJAX Does It All 



The great shift is on as programmers exploit the powerful AJAX technique 
for bringing interactive applications right into a Web page. This month 
the startup ajaxl3 offers a glimpse of a future where sophisticated applica- 
tions work anywhere, anytime from the browser. The marvelous aj ax- 
Write offers a Word-like interface (menus, toolbars, pop-up dialogue 
Windows) straight from the ajaxWrite.com site. You can load up DOC 
files from your hard drive and edit and save them back to your PC with- 
out having to buy MS Word. More amazing is ajaxS ketch ( www.ajax 
sketch.com ), which pops up a window that is indistinguishable from a 
traditional drawing program. A 
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ajaxWrite is taking the next leap forward in turning 
full-featured applications into Web services. 



MediaCoder Brings 
Super-Translation Open Source 

Here's one open-source program that will leave you openmouthed with its 
power to transcode huge batches of every imaginable audio and video file 
across formats. Author Yi-Chun Huang has gathered into the nicely pol- 
ished MediaCoder ( mediacoder.sourceforge.net ) all of the codecs and 
translation tools from the worldwide open-source community into what 
seems like a universal translator. You can convert entire folders of MP3, 
FLAC, Ogg Vorbis, H.264, MOV, and loads of others without having to 
install their native media players or confusing piles of clashing codecs. 
MediaCoder isn't for the fainthearted novice, to be sure, because there are 
more obscurely labeled codec options here than we've ever seen. For mul- 
timedia swine like us, however, this is hog heaven. A 




I Add | Refresh | Query 



Lame | vorbis j 3GPP AAC+ ) CT AAC+ | Afd_ 
Rate Mode [vIr T] Channel [Auto" 
Bitrate J 



Quality J 



Just name a codec, and MediaCoder probably 
can transcode it. 



Apple's 

Window Of Opportunity 

When Apple Macs turned from 
Power PC processors to Intel silicon 
earlier this year, the first question 
was, will they run Windows? Apple 
finally answered "yes, kinda" with its 
Boot Camp beta. Owners of Intel- 
based Macs with the latest Mac OS X 
version and a firmware update can 
install their own version of Windows 
XP and opt into one OS or the other at start up. Boot Camp 
prepares your Mac by burning necessary drivers onto a CD, so 
WinXP can recognize and use the Apple hardware. Despite 
this new detente between traditional nemeses, Apple still can't 
help getting a dig into its rival, warning users that in a WinXP 
state their Macs are susceptible to all "the same attacks that 
plague the Windows world." Ouch! A 




Reading Your PSP 

We can't say that we'll be 
reading Leo Tolstoy on our 
Sony PlayStation Portable, 
but it's nice to know that we 
could. A British PSP news 
and info site ( www.para 
blax.co.uk ) has released the 
PSP ebook Creator. This lit- 
tle tool converts plain text 
files, which you can find for 
most world classics at Gut- 
enberg.org, into sequential 
image files formatted for 

easy viewing and paging on the PSP. The program lets you set 
background images, text fonts and colors, and even adds in 
page numbers. Alas, it can't make "War and Peace" any short- 
er to read. A 




The PSP ebook Creator turns raw 
text into PSP pages. 
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Are the historically divided worlds of Apple and 
PC finally converging after all of these years? 
Not only is Apple allowing Windows onto its 
systems (see "Apple's Window Of Opportu- 
nity"), but the company also joined the BAPCo 

(SYSmark, MobileMark) consortium of PC and peripheral manufacturers that create 
benchmarks for the Windows platform. Speculation has been running wild as to why Apple 
would join this group, but the motive may be to create, at long last, fair performance com- 
parisons between the two platforms. Apples to apples, so to speak. A 

Microsoft's Monaco Bites Back 

It turns out that the Apple and Windows worlds aren't really living happily ever after despite all 
of this month's cross-platform friendliness. Microsoft wants to steal one of Apple's core con- 
stituencies, amateur musicians, with a Vista-based app code-named Monaco. The music syn- 
thesizer/editor competes directly with the Mac-based GarageBand app, but some of Microsoft's 
development partners say Monaco will show off Vista's capabilities and may include unique 
search features for finding and integrating music clips. Will aspiring Bon Jovis spurn Apple and 
fly to Monaco? Who would you rather rock with? Steve Jobs or Bill Gates? A 

Apple's music synthesizer has Microsoft on its tail. 
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Apple joins the PC 
benchmarking 
club; there goes 
the neighborhood. 



The UpShot 
Is Making 
Shutterbugs 
Happier 

Bellamax says its new UpShot 
image editor was designed to 
satisfy the 75% of digital pho- 
tographers who say they aren't 
completely satisfied with cur- 
rent editors. UpShot promises 
more efficient photo-correction 
functions, clearer embedded 
tutorials, and a simplified 
menu structure. Its FastFix tool 
performs color correction, red- 
eye removal, brightness adjust- 
ment, and segment correction 
with one button push. Now, if 
it could digitally remove for- 
mer boyfriends/girlfriends 
from pictures — that would be a 
standout selling point. A 



BIOS Upgrades Available Online compiled b y Steve smith 

Before you send another motherboard to the landfill, consider upgrading the BIOS and giving your PC a new lease on life. 
Here are a few recently released upgrades. Readers can check out www.cpumag.com/cpujun06/bios to see our entire upgrade list. 



Motherboard 


i 


Date Available 


i url 1 


ASRock 775Dual-880Pro 




3/29/2006 


download.asrock.com/bios/775/775Dual-880Pro(1.40)Win.zip 


Asus A8N5X 




3/24/2006 


dlsvr03.asus.com/pub/ASUS/mb/socket939/A8N5X/A8N5X902.zip 


EpoxEP-8GF6100-M 




2/21/2006 


www.epox-europe.co m/downloads/download.php?download_id=775&mode=zip 


Gigabyte GA-8I945PLGE-RH 




3/20/2006 


america.giga-byte.com/MotherBoard/FileList/BIOS/bios_ga-8i945plgerh_f3.exe 


Intel D975XBX 




4/4/2006 


downloadfinder.intel.com/scripts-df-external/confirm.aspx?ftpDown=ftp://aiedownload. intel.com/df-support/ 

10321/eng/BX0908P.BIO&agr=N&ProductlD=2205&Dwnldld=10321&strOSs=38&OS 

FullName=OS%20lndependent&lang=eng 


Tyan K8SRE 




3/17/2006 


ftp://ftp.tyan.com/bios/2891_202.zip 
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Can't wait until Novem- 
ber to see what online 
multiplay games will 
look like on the PlaySta- 
tion 3? Then become a 
Game Networking Pro- 
grammer at development 
studio Factor 5 and build 
a PS3 title yourself, Sony 
contracted tlie company 
to build the game Lair 
for the next-gen console, 
and the very early buzz 
is that it may be the most 
graphically sophisticated 
fantasy game yet. And 
why not? The team 
behind Lair also created 
the original Star Wars: 
Rogue Squadron series. 
In order to make this 
tough cut you need a 
console networking back- 
ground, C/C++ profi- 
ciency, and experience 
matching up contestants. 
All we know about this 
top-secret title is that it's 
a showpiece for the PS3's 
Cell-based real-time 3D 
rendering power, and it 
has something to do 
with dragons. 

Don't fret if you are not 
into network program- 
ming, though. Factor 5 is 
staffing up for the next 
generation, including 
multiple PS3 titles. The 
company also needs a 
Maya Tools Programmer 
and a Software Engineer 
3D Tools. Hey, somebody 
has to build those vein- 
ribbed, translucent 
dragon's wings and 
hyper-real fire breath. 



Number of 
active broad- 
band users in 
the United 
States 

(up 28% from 
2005) 

Hieisen//MRatings 

AT 




30 hoi 

Time spent online 
each month by the 
average wired 
American 
Hieisen/ /NetRatings 



r.</i 



2,127% 

Increase in spending 
on digital greeting 
cards (2001 to 2005) 

Online Publishers Association 



f& 



Percentage of Americans who don't support government 
monitoring of ordinary citizens' Internet search behavior 

Center for Survey Research and Analysis 



& 



Who's Buying Those Banners, Anyway? 

Online marketing has enjoyed double-digit growth as traditional TV and print advertis- 
ers rush to promote their wares on the Web. But who's buying up all of that banner 
and rich media space? Primarily it's still the dot corns, according to TNS Media 
Intelligence, which found that most of the top ad buyers in January were themselves 
Web-based businesses such as Netflix and Classmates.com. The notable excep- 
tion is the Internet's top advertiser by a long shot, Vonage. The company's marketing 
philosophy is that its customers are people who have and are comfortable with 
broadband, so that's why it spends more than 50% of its advertising budget online. 
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FINANCIAL 4 


$6,783,000 


8 


shareeuiLDer 

SuiW your future. 


$6,531,000 


9 


Lower My E| .com 


$6,499,000 


10 


(fCyn University of Phoenix * 

\@5%4/ ONLINE 


$6,292,000 



* Estimated cost of display advertising only (banners, rich medio, skyscraper ads, etc.) 
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Going . . . Going . . . Gone 



by Alex St. John 



For the last few years, I've been writing 
about the "coming" demise of PC gaming 
due to chronic shortsightedness on the part of 
Microsoft and Intel. Given the most recent 
data from the NPD Research group, PC 
games sales have declined to a $953 million 
annual business down from their peak of $2.3 
billion in the 1990s. The PC game business 
has collapsed 36% since the launch of the 
Xbox in 2001. Nice job, guys; way to saw off 
the limb you're standing on. 

Microsoft meanwhile shifted the entire 
game industry's focus away from Windows, its 
wildly profitable OS business, to the bottom- 
less Xbox money pit, a game console that is 
widely popular with significant market share as 
long as Microsoft massively subsidizes it. 
Microsoft has been unusually efficient at 
screwing itself on multiple levels here; first it 
took the only applications that drove consumer 
demand for new PCs — and hence new OSes — 
and diverted them to the Xbox 360. The com- 
pany ingeniously failed to deliver enough Xbox 
360s to satisfy consumer demand on launch, 
thereby destroying the holiday sales of all the 
former PC game developers who had followed 
Microsoft to Xbox development. The coup-de- 
grace, however, is Vista, a new consumer OS 
that Microsoft plans to release after Xmas 
that's even worse at running games than 
Windows XP. Vista will need a minimum of 
512MB of RAM just to boot sluggishly and do 
nothing; you'll need a gig of RAM to actually 
run another application in it. 

To be fair, there are a few PC game genres 
that will always have a market. First-person 
shooters, real-time strategy games, and 
MMOGs will always have a big home on the 
PC, but a lack of broad demand for leading- 
edge PC games will lead to a lack of broad 
support for leading-edge PC graphics by ATI 
and Nvidia. 

Twenty-some years after consoles swept 
through America and dominated interactive 
entertainment in the living room, Intel is 
busy trying to drive sales of new PCs for the 
living room with a marketing program called 
Viiv that promotes old PC titles, old arcade 
games, and 2D content you can play with a 
remote control. 



Intel shows no signs of learning anything 
from its mistakes and continues to ship low- 
performance 3D processors as the default 
graphic chips on the 50 to 60% of the con- 
sumer PC market that is below a $600 price 
point, as though anybody buys a new consumer 
PC not expecting to be able to run new PC 
games on it. Here's a link to the Intel Web site 
titled "Extreme Gaming On The Go" that 
clearly illustrates how confused Intel is on this 
subject: www.intel.com/personal/gaming 
/mobile laptop.htm . The very first bullet point 
in the paper supporting Intel's great gaming 
capabilities reads, "Maximized mobile perfor- 
mance and multitasking capabilities such as 
watching a high-definition movie while convert- 
ing your audio CDs to MP3s with Intel's first 
mobile optimized dual-core processor" 

Sounds fun. . . . You just can't make this 
stuff up. 

I've never seen anything like it; it's like 
Microsoft and Intel wrapped themselves with 
dynamite, climbed on a bus with all their cus- 
tomers, and hit the trigger. 

Don't get me wrong; I think the Xbox 
and Xbox 360 are great consoles, and I think 
it's extremely cool to have a console power- 
house based here in the U.S. It's just a 
shame that Microsoft and Intel lost perspec- 
tive along the way. If they were going to lose 
billions of dollars launching a new console 
in the United States, it would have served all 
their interests better if the Xbox had 
remained a PC-based architecture and if 
Microsoft had made absolutely certain that 
the developer and publishing environment 
spanned smoothly to the PC, thus multiply- 
ing the potential market for PC/Xbox game 
developers instead of splintering it. Intel des- 
perately needs to realize that consumers 
don't want hand-me-down enterprise CPU 
architectures. A modern Intel Processor has 
enough fast RAM and transistors to be a 
next-generation console all by itself if only 
some of those transistors were configured to 
be a GPU. 

Intel and Microsoft have gone the same 
strange route together, making their products 
bigger and more complex for no apparent 
productive purpose. A 
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ment content over the Web. 



Send your feedback to TheSaint@cpumag.com 
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No one would believe us without the photos, so 
there we were, snapping 4,080 x 4,080 print after 
print. It looked like a headless horse, man, only it was 
clearly an automaton. We don't know how it learned to 
run that weird, white machine, but it clearly thought no 
one was watching. And when a glistening, titanium horse- 
skull emerged from the machine, well . . . you'll have to 
buy the story rights to hear the rest. 



by Marty Sems 

Boston Dynamics BigDog 

It's as if Dr. Doolittle has been marooned on a technologi- 
cal Island of Dr. Moreau. The BigDog prototype from 
Boston Dynamics ( www.bdi.com ) looks like a mash-up of a 
pushmi-pullyu and Herbie Hancock's "Rockit" video. In 
the big, 27MB WMV video on the Web site, you'll see this 
quadruped robot negotiate harsh terrain and even recover 
from a few kicks and shoves with amazing, computer- 
controlled balance. The military and rescue potential here 
is huge, although Boston Dynamics, a MIT spin-off, 
declined to estimate BigDog's eventual price, nor when/if it 
might canter onto the world stage. If you ignore the racket 
of its gas engine, BigDog seems like id Software combined 
the lower halves of two distance runners in black tights for 
a Doom 3 expansion pack. Bring on the nightmares. 

Hasselblad 503CWD Anniversary Kit 

It's not long after the Oscars at this writing, and we imag- 
ine there was a photograph or two taken that night. 
Paparazzi pros would've loved to have had the latest 
Hasselblad central-shutter camera, a limited edition 
503CW ( www.hasselbladusa.com ). It's paired with a 16MP 
CFV digital camera back to form the $12,995 503CWD 
Anniversary Kit, which commemorates the 100th anniver- 
sary of Victor Hasselblad's birth. Even some actresses got in 
on the shutterbug act, thanks to the Kwiat diamond-mono- 
grammed Kodak digicams given to the nominees for Best 
Actress. Not to spoil the party, but we'd think that Reese, 
Keira, and the rest could net more than the $20,000 origi- 
nal prices for their cameras at an auction for charity. 

Arcam EBM S400 

Design it in CAD in the morning, come back after lunch 
and marvel at your creation, magically realized in titanium. 
The EBM S400 prototyper (about $600,000) uses an elec- 
tron beam to melt layers of powdered alloy into a solid part 
ready for heat treatment. The fast process avoids the forma- 
tion of pinholes or bubbles, so parts fall between wrought 
and cast titanium in strength. The rendering also takes '"' 

place in a vacuum, so the metal can't oxidize. Stratasys 
( www.stratasys.com ) distributes the EBM S400 (known as ■; ;; 
the EBM S12 to the rest of the world) in North America 
for the Swedish manufacturer Arcam AB. Arcam says auto- |,; 

motive, aviation, medical — we say hood ornaments, wild- -V;:: 

. . Wvk 

cat revolver cylinders, orthodontia. ... A 

A.. 
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The Power To Protect 

Eight UPS Units Tested & Reviewed 



There are few other things in 
computing more annoying than 
having hours of work trashed 
instantly because your computer has 
experienced a momentary power failure. 
Sometimes, that's the least of your wor- 
ries. Repeated power drops and surges 
can easily damage your computer com- 
ponents, meaning a simple reboot after 
a power failure won't always get you 
back in business. Fortunately, UPSes 
can take care of this problem, letting 
you rely on a powerful battery to supply 
electricity to your computer when your 
wall socket can't any longer. 



UPSes aren't just a battery and power 
strip hashed together, though. Your 
computer and your wall socket work 
with AC, or alternating current, while 
the battery stores electricity as DC, or 
direct current. Thus, a complex combi- 
nation of rectifiers, inverters, and switch- 
es automatically converts AC into DC 
for charging the batteries, and DC back 
into AC to power your equipment dur- 
ing a power failure (a total power loss) or 
a brownout (a partial power loss). UPSes 
must also absorb power spikes (a tempo- 
rary excess of power, such as a local 
lightning strike) and filter line noise and 



What Buying UPS Protection Gets You 

We looked at eight UPSes from four leading manufacturers for this roundup with prices 
running between about $85 and $165 (street). Feature-sets and bundled extras, of course, 
will vary depending on price points, but here's how the units match up based on various criteria. 



frequency variation. All of this must 
work almost instantaneously. 

Ideally, UPSes must also communi- 
cate with the computers they're protect- 
ing. Windows, Mac OS X, and Linux 
have built-in abilities to detect if they're 
on battery power, sense how much time 
remains before the battery discharges, 
and automatically shut down cleanly. All 
the UPSes I tested here include software 
that also does this, in addition to cleanly 
save open files and in many cases, more. 

How We Tested 

Obviously, creating lightning strikes 
was beyond my testing abilities, so I 
relied on other options. To test auto- 
saving and auto-shutdown functionality, 
I used a sacrificial 1.4GHz Pentium 3 
system with two hard drives, two optical 
drives, four fans, several PCI cards, and 





APC Back-UPS 
ES750 


APC Back-UPS 
RS900 


Bel kin Battery 
Backup 1000VA 


Bel kin Battery 
Backup 11 00VA 


CyberPower 
800AVR 


CyberPower 
1285AVR 


Price 


$99.95 


$149.99 


$159 


$153 


$99 


$149.99 


Backup Outlets 


5 


4 


8 


4 


4 


4 


Transformer-Friendly 


1 


1 





4 


2 


1 




Surge- Protected Outlets 


5 


3 





2 


8 


8 


Transformer-Friendly 


1 


1 





2 


2 







Circuit Breaker Reset 


Y 


Y 


Y 


Y 


Y 


Y 


Phone Filter 


N 


Y 


Y 


Y 


N 


N 


Ethernet Filter 


Y 


Y 


Y 


Y 


Y 


Y 


Coax Filter 


Y 


N 


N 


N 


Y 


Y 


Advertised VA 


750 


900 


1,000 


1,100 


800 


1,285 


Runtime (minutes) 


19 


27 


16 


17 


12 


29 


Serial Port 


N 


N 


Y 


Y 


Y 


Y 


USB Port 


Y 


Y 


Y 


Y 


Y 


Y 


Network Port 


N 


N 


Optional 


N 


N 


N 


Serial Cable 


N 


N 


Y 


Y 


N 


N 


USB Cable 


Y 


Y 


Y 


Y 


Y 


Y 


Network Cable 


Y 


Y 


N 


N 


N 


N 


Phone Cable 


Y 


Y 


Y 


Y 


Y 


Y 


Coax Cable 


N 


N 


N 


N 


Y 


Y 


Equipment Protection Policy 


$50,000 


$150,000 


$200,000 


$100,000 


$200,000 


$375,000 



CPU RANKING O = ABSOLUTELY WORTHLESS | ••« 2.5 = ABSOLUTELY AVERAGE | 



5 = ABSOLUTELY PERFECT 
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a floppy drive all running on Windows 
XP. The test rig consumed 0.195 kilo- 
watts of power. Essentially, I pulled the 
plug to see what would happen. I mea- 
sured the UPSes' runtime using the 
same machine (to simulate a heavy load) 
with shutdown options disconnected to 
prevent a premature automatic shut- 
down before the power ran out. I also 
connected a 17-inch Sony Trinitron 
monitor and left it on throughout test- 
ing, as you can't really work on a com- 
puter without one. 

For this roundup I looked to the 
major players in the UPS field for units 
in the $150 range, letting their feature- 
sets and power levels fall where they 
may. I also looked at slightly less-expen- 
sive units where possible to get an idea 
of what features you give up as prices 
go down. The various units are grouped 
according to manufacturer. 

APC Back-UPS ES 750 & Back-UPS RS 900 

APC (American Power Conversion) 
is practically synonymous with UPSes, 
so much so that a lot of people actually 
call UPSes "APCs," similarly to how 
people call tissues "Kleenex" or photo- 
copies "Xeroxes." APCs experience 



Tripp Lite 
AVR 750U 



Tripp Lite 
Smart 1200 LCD 



$89 


$165 street 
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8 
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2 
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N 
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750 


1,200 


13 


33 
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Y 
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N 


N 


Y 


N 


N 


N 




Back-UPS ES 750 

$99.95 

APC 

www.apcc.com 

Back-UPS RS 900 

$149.99 

APC 

www.apcc.com 



shows in its products, as the run- 
times of the APC units I tested were 
much higher than the advertised VA 
(volt amp) ratings would suggest. 
Additionally, the bundled PowerChute 
software is first-rate. There aren't many 
outward bells and whistles, however, 
and both units share some typical 
minor APC quirks. 

The Back-UPS ES 750 looks like a 
wide, fat, tall power strip and only has one 
button and status light. As with all APC 
units, you have to connect the internal 
battery yourself, which requires good hand 
strength, nimble fingers, and possibly a 
pair of needle-nosed pliers. Also common 
of all APC UPSes is a nonstandard con- 
nectivity cable, which is USB on one end 
and what looks like a fat LAN cable con- 
nector on the other. Keep the cable safe, as 
my local Radio Shack didn't carry spares. 
The unit's 10 sockets (five backed up, five 
surge-protected) encourage heavy use, and 
the unit managed to power my test 
machine for 19 minutes. Built-in coax 
connectors can filter your cable modem's 
cable, which is rare for this price point. 

The Back-UPS RS 900 is an upscale 
unit for home and office use. It looks like 
a small, beige computer tower but is about 
half as wide as a SFF-style chassis. There's 
a push-button switch and four clearly 
labeled indicator lights on the unit's front, 
with all the other connections located on 
the back making for a tidy presentation. 
The RS 900 has jacks for both phone- and 
network-surge protection, along with a 
grounded screw for various audio and net- 
work hardware. There are just seven 
power sockets, however. 

The RS 900 kept my test system going 
for an impressive 27 minutes. I noticed 
there was a lot of heat escaping the venting 




slits, which would indicate they're posi- 
tioned correctly. The monitor did make a 
buzzing noise and displayed slightly jittery 
images when running from the battery. 

APCs PowerChute Personal Edition 
1.5 software comes with both units, al- 
though version 2.0 is available for down- 
load at APCs site. Functionality seems 
identical between the two versions, 
although 2.0 looks much more modern. 
Basic stats appear along the bottom of 
the PowerChute window (including cur- 
rent power source and estimated battery 
runtime, which seemed low), hypertext 
links to commands run along the top (or 
the left side in 2.0), and content appears 
in the middle. 

There are several interesting settings 
available in the software, such as turning 
off the alarm buzzer if there's a power 
failure at night, adjusting the sensitivity 
to power fluctuations, and setting the 
maximum or minimum line voltages 
before the battery kicks in. You can also 
set automatic shutdown to maximize 
runtime or battery life. The RS 900's 
PowerChute version also lets you run a 
self-test of the UPS itself and display the 
current power load (which seems slight- 
ly high). Both units run a self-test every 
time you turn them on with the switch, 
so ES 750 users shouldn't feel too left 
out. APC doesn't offer Mac or Linux 
versions of the software. 

Belkin Battery Backup 1000VA Tower 
& Backup 11 00VA 

Belkin is widely known for its line of 
quality computer peripherals, and its 
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Battery Backup 1000VA 

$159 
Belkin 

www.belkin.com 
• ••< 




Battery Backup 
1100VA 

$153 
Belkin 

www.belkin.com 
• ••< 



UPS units don't disappoint, either. 
Although the power-off runtime of these 
units is lower than their advertised VA 
ratings would suggest, the units' bun- 
dled software, simple controls, and data- 
recovery warranties may compensate. 

The 1000VA Tower is arguably the 
more attractive of the two UPSes, as it 
looks rather like a blade server (although 
no rack-mounting hardware is provid- 
ed). The 1000VA comes with a stand to 
set it up in a stable tower configuration, 
but due to its low center of gravity, the 
stand seems unnecessary. In a horizontal 
configuration, the 1000VA looks good 
in an audio-visual tower configuration, 
protecting your Media PC or TiVo 
while looking like a cable TV box. All 
eight of its sockets are backed up, so you 
can't plug laser printers (or perhaps a 
plasma TV) into a surge-protected sock- 
et. All cable connections are at the unit's 
back, and there's a push button switch 
and indicator light set at the front. The 
1000VA kept my test computer running 
for 16 minutes. As was the case with the 
APC ES 750, the Sony monitor buzzed 
when running off the battery. 

The 1100VA is substantially smaller, 
but all its sockets are on top, making 
it quite a bit messier and looking like 
Medusa's head when it's fully utilized. 
The unit is rated for slightly more 
power, however, and it kept my test rig 
running for 17 minutes, although it 
got much warmer than its taller broth- 
er. The HOOVA's specs state that it 
has USB and serial ports for multicom- 
puter management (the product's full 



name also mentions this), implying 
that you can plug two computers into 
the UPS at the same time, hook a serial 
cable into one, a USB cable into the 
other, and when the power fails, both 
computers will safely shut down auto- 
matically. The user guide, however, 
states that you should only use the 
serial or USB port. In practice, when 
the serial cable is connected, the USB 
connection is dropped. In other words, 
the UPS can't communicate via both 
ports at the same time, so only one 
computer would shut itself down. 

Belkin's Bulldog Plus Monitor 3.2.19 
software ships with both units and is 
excellent overall. Although the software 
is apparently unable to accurately esti- 
mate remaining time on the battery, its 
default settings shut a computer down 
five minutes after power loss. You can 
manually override the shutdown; turn 
off its shrill alarm; and monitor battery 
voltage, battery level, input/output volt- 
age or frequency, and the output load. 

Full diagnostic tests are available, 
along with a complete history of all 
power-related issues. If your Tower 
unit has the optional SNMP module, 
you can even monitor UPSes over a 
network. Saving files in running pro- 
grams during shutdown works well, 



800AVR 

$99 

CyberPower Systems 

www.cyberpower.com 

• ••• 



even for files you haven't named, and 
Bulldog tells you where those files are 
located upon the next boot. The soft- 
ware can also schedule shutdowns and 
reboots regardless of power status. The 
software is available for Windows, Mac 
OS X, and Linux, although I only test- 
ed the Windows version. 

CyberPower Systems 800AVR & 1285 AVR 

CyberPower Systems is a relative new- 
comer to the UPS market (almost 10 
years in), but its products are in most 
major U.S. electronics and office-supply 
stores. The company has UPSes available 
at almost any price point, and its bun- 
dled software is simple and effective. 

The 800AVR looks like a large, wide 
power strip with four backed-up outlets 
on one side and four more with surge 
suppression on the other. Although the 
unit is far too heavy to actually mount 
on a wall (wall mount slots are molded 
into the unit's bottom), you could 
probably take the unit to a LAN party 
or gaming convention without too 
much trouble. Coax and Ethernet jacks 
suppress harmful power surges with 
their respective cables, and dual USB 
and serial ports keep your connectivity 
options open, although the bundled 
software only works with USB. Each 
power socket is well-marked. The unit 
powered my test system for 12 minutes. 

The 1285AVR is an attractive tower 
with a high "cool factor," thanks to its 
ice-blue LCD. The LCD always dis- 
plays battery load and capacity, but 
clicking the display's button will also 
cycle through input or output voltage, 



1285 AVR 

$149.99 

CyberPower 

Systems 

www.cyber 

power.com 
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output frequency, output wattage, bat- 
tery capacity (again), and remaining 
runtime in minutes. It would be cooler 
if the display always remained lit, such 
as Tripp Lite's LCD, instead of going 
out after 30 seconds — a configuration 
setting would be ideal here. Four 
backed-up power sockets and four 
surge-protected sockets take up the 
unit's rear, along with serial and USB 
ports for connectivity, and filtered coax 
and Ethernet jacks. Unique among the 
units here is the 1285AVR's internal 
cooling fan, although it never spun up 
other than during its power-up test. 
The 1285AVR kept my test computer 
running 29 minutes; 1 1 more minutes 
than the LCD estimated. 

Both the UPSes come with 
PowerPanel Personal Edition 
software. The CD probably had 
the current version (I couldn't 
find version numbers listed 
anywhere), but you can down- 
load the current version on 
CyberPower's site. PowerPanel 
only works with the USB port; 
the serial port is intended for 
built-in OS functionality only 
and a serial cable isn't included. 
If you supply one yourself, two 
computers can work off one 
UPS and shut down cleanly. 

PowerPanel is friendly and 
easy to use and seems similar to 
APC's PowerChute 1.5 soft- 
ware, including using almost 
the same icons, menu structure, 
and feature set. This certainly isn't bad, 
as both software packages are excellent. 
The software shows you the current load 
and charge status, maximize runtime vs. 
battery life, and history logs. The soft- 
ware also lets you disable the alarm 
buzzer depending on the time of day 
and run self- tests. PowerPanel does lack 
APC's voltage-sensitivity settings. 

Mac and Linux versions of Power- 
Panel aren't available, but the OSes do 
support these UPSes directly. 

Tripp Lite Smart 1200 LCD & AVR 750U 

Tripp Lite has been in the UPS game 
for more than a decade and is very 



popular with IT department heads. This 
may explain the units' outstanding run- 
time, utilitarian designs, and somewhat 
clunky, but powerful, software suite. 

The AVR 750U follows the classic 
big-fat-power-strip model that's popu- 
lar at the low-end. The unit has an eye- 
popping 12 power sockets (six backed 
up, six surge protected), along with a 
single USB connector and a set of RJ1 1 
jacks for filtering phone lines. But that's 
it. The markings engraved on the black 
plastic are a little hard to see and are all 
but impossible to determine in low 
light, meaning you need to take care 
when you want some items on the bat- 
tery but others just protected from 
surges. The AVR 750U 
kept my test computer 
running for 13 minutes. 




The Smart 1200 LCD is a tall tower 
that's also suitable for rack mounting, 
but it looks very utilitarian. The included 
hardware brackets make adding it to a 
rack easy, but they can also act as a floor 
stand, which is a good thing because as a 
tower, the UPS is tipsy and top-heavy. 
The 1200 LCD's bling factor comes in 
the form of an onboard LCD, which dis- 
plays input voltage, current battery level, 
and various other conditions via icons. 
You can rotate the LCD to work both in 
tower and horizontal orientations, and it 
remains on as long as the UPS is on. All 
cabling connects at the rear for a neat 
installation, and the battery backs up all 



eight power sockets. Unique among all 
the UPSes here is the 1200 LCD's 
onboard Mute switch, although there's 
no way to unmute the alarm once its 
activated without having to reset the 
UPS. Runtime was a spectacular 33 min- 
utes, and the LCD's "fuel gauge" was the 
most accurate of all the UPSes. You can 
use both serial and USB ports for status 
monitoring, and two different computers 
can work at the same time with each of 
the ports. Most UPSes sell fairly close to 
MSRP, but this unit's street price is sub- 
stantially lower, so look around. 

Both units come with PowerAlert 
Console 12.3 software, but 12.4 is avail- 
able for download. Both versions appear 
identical, but 12.4 lacks a help file, so 
install from the CD and then upgrade to 
the current version, which adds every- 
thing. PowerAlert is a combination of a 
small Windows service that actually 
monitors the UPSes and performs the 
clean shutdowns and the Console, which 
is a clunky Java app that changes settings 
and performs tests. PowerAlert works for 
various Unix and Linux distros, but 



VR 750U 

$89 

Tripp Lite 
www.tripplite.com 
• ••< 



there is no mention if it working with 
Mac OS X. 

Console has two modes: Home Device 
Management Scheme (simpler but lacks 
certain commands) and Business Device 
Management Scheme (has all the com- 
mands but can be confusing). Getting a 
current status of the UPS requires click- 
ing several poorly labeled buttons and 
lots of scrolling. Changing settings also 
requires clicking tabs within tabs. Still, 
the software can perform tasks that the 
others here can't, such as emailing you 
when power is dropped or easily moni- 
toring multiple devices, including those 
from other vendors with plug-ins. A 



by Warren Ernst 
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Seagate Momentus 5400.3 1 60GB 



Seagate's first perpen- 
dicularly recording 
hard drive is the 
Momentus 5400.3 for 
notebooks and low-end 
servers. (We previewed it in 
the March issue of CPU on 
page 31.) 

The current perpendicular drives 
such as Toshiba's groundbreaking 
MK4007GAL and MK8007GAH, only 
hint at the technology's potential. The 
real implications will be felt later. PR will 
make possible vastly higher capacities 
down the road: at least several times 
more areal density than today's hard 
disks have and possibly up to 10 times 
more, according to some experts. 

Fluid dynamic bearings and head seek 
management keep the 5400.3 in the 
23dB (Marcel Marceau) to 29dB (angels 




burping) range. An offload ramp lets 
the heads park when the drive is 
off, letting the 5400.3 with- 
stand a shock of up to 900G 
(lms) when not operat- 
ing. Even while run- 
ning, the drive is as 
tough (350G, 2ms) as the 
best desktop drives are when 
powered off. This Momentus draws 
no more than 2 watts, idles at 0.8W, and 
stands by at 0.2W, Seagate says. It takes 1 
amp from the 5V rail to spin up. 

The 5400.3 averaged 36.4MBps reads 
and 34.5MBps writes in my tests. It peaked 
at 45MBps reads and 43MBps maximum 
writes, with a 16.2ms random access time 
in HD Tach RW 3.0.1.0. Other highlights 
are 6.6MBps Windows XP Startup and 
40.2MBps ratings in PCMark05 1.1.0, 
along with 78.95IOps File Server and 



84.19IOps Web Server scores in IOmeter 
2004.07.30. 1 don't have many 2.5-inch 
drives with which to compare the 5400.3 
yet (not counting Seagate's USB 2.0 ver- 
sion) on my current benchmarks, but it 
appears that this Momentus would make a 
fine, high-capacity addition to a notebook 
or special purpose PC. 

Despite its new recording layer technolo- 
gy, the Momentus 5400.3 gets Seagate's 
full backing with a five-year warranty. It's 
not the first perpendicular drive, but it's 
certainly a momentous achievement for the 
world's largest hard drive manufacturer. A 



by Marty Sems 



Specs: Perpendicular recording, 5,400rpm, 8MB cache, FDB, ATA/100, 12.5ms 
advertised seek 



Momentus 5400.3 160GB 

$293 (online) 
Seagate 
(831)438-6550 
www.seagpte.com 
• •••I 



Matrox TripleHead2Go 



Whether the scenario is wanting a 
broader perspective in a Molten 
Core raid or simply craving more desk- 
top real estate, I think at one point or 
another, we've all wanted a way to 
increase our workspace without buying a 
30-inch display. Matrox must think 
there are an exorbitant number of us 
running around with extra 19-inch dis- 
plays: Its TripleHead2Go lets you link 
up to three monitors together for a max- 
imum resolution of 3,840 x 1,024. 

I'm tempted to rename the Triple- 
Head2Go the "TripleHead4GeForce" 
because of its quirky support for ATI 
GPUs. Not only does it currently lack 
support for CrossFire, but any Radeon 
graphics cards will also run below the 
TripleHead2Go's maximum resolution 
in 3D applications. Matrox addressed 
the issue, saying it's lobbying ATI for a 
driver release with support, but the fact 



remains ATI owners should steer clear 
until there's better support. 

Because of bandwidth limitations, the 
TripleHead2Go uses analog outputs to 
break a 3,840 x 1,024 output into three 
1,280 x 1,024 signals for each display. A 
DVI-to-analog switch didn't bother me as 
much as some skewing in Quake 4. 
F.E.A.R. thankfully didn't have this prob- 
lem, but proper scaling might be hit-and- 
miss with other games. 

My GeForce 7900 GTX 512MB had to 
pump out three times as many horizontal 
pixels, so the sizeable performance hit 



Quake 4 and F.E.A.R. took wasn't surpris- 
ing. I dropped from 104fps to 38.2fps in 
Quake 4 when I adjusted my resolution 
from 1,280 x 1,024 to 3,840 x 1,024 on 
Ultra quality with 4XAA. In F.E.A.R., my 
frame rate dropped from 86fps to 44fps 
after I shifted from 1,024 x 768 to 
3,072 x 768 with 4X AA and 8X AF. 

Matrox does have an expansive list of 
games the TripleHead2Go supports, and I 
can't deny surround graphics is great for a 
180-degree field of view for MMORPGs or 
FPSes. But until it can evolve better sup- 
port for ATI hardware, the TripleHead2Go 
is an accessory for Nvidia owners only. A 

by Vince Cogley 



TripleHead2Go 

$299 

Matrox 

(514)822-6000 

www.matrox.com 

• •• 



Specs: DVI-I to VGA cable, 4 HD-15 (1 input, 3 output) ports, Matrox 
Surround Gaming Utility 
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NexStar 

External Enclosure Series 




FOR 2.5"/3.5" HDD/5.25" DEVICE USB 1.1/2. D/FIREWIRE/eSATA 



PLUG N' PLAY 



Store up to 500 GB 





music data 

*drive not included 



photo 



movie 



Form and functionality collide with style in the NexStar External Hard 
Drive Enclosure series. From the mirror-finish Nexstar 3 to the USB 
ports integrated NexStar GX, the NexStar accommodate wide range of 
needs, Convenient storage, stylish design, SMART active/passive 
cooling system, and USB hub integration, NexStar optimize your 
storage device. Vantec's NexStar series is your ideal choice to take your 
2.5'and 3.5' hard drive or DVD burner on the gol 
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Corsair XMS2 WVIN2X1 024-8500 



I n preparation for the launch of new plat- 
I forms from Intel and AMD, Corsair has 
released a new high-end DDR2 memory 
kit that promises increases in bandwidth 
and effective clock speeds faster than 
1GHz. The XMS2 TWIN2X1 024-8500 is 
a 1 GB DDR2 memory kit comprised of 
two matched 512MB CM2X512-8500 
sticks rated for operation at 1 ,066MHz 
with 5-5-5-15 timings. At lower clock 
speeds, however, this memory should have 
no trouble running with tighter timings. 
My kit, for example, was able to run reli- 
ably at 3-3-3-9 at DDR2-767. 

The actual memory chips these mod- 
ules are built with are selectively binned 
Micron Rev: D RAM. The high-frequen- 
cy operation the TWIN2X1 024-8500 
kit offers, though, will be useful when 
Intel's Conroe and AMD's AM2 platform 




launch. It is also useful for Intel overclock- 
ers and owners of Intel processors that fea- 
ture a 1,066MHz front side bus. The 
TWIN2X1024-8500 kit now gives users 
the ability to run their RAM synchronous- 
ly with their processor's FSB on supporting 
motherboards; think 975X Express, which 
usually results in better performance. 

I took this memory for a spin using a 
dual-core Pentium Extreme Edition 965 
processor, a GeForce 7800 GTX, and an 
Asus P5WDG2-WS 975X Express-based 



Specs: capacity: 1,024MB (512MB x 2), 64M x 8 DDR2 SDRAMs; latencies: 5 (CAS), 
5 (RAS Precharge), 5 (RAS to CAS), 15 (RAS Activate to Precharge), 2T (Command 
Rate); voltage: 2.2V; lifetime warranty 



motherboard, and found it performed 
very well. With the TWIN2X1 024-8500 
kit installed, my test system put up 
196.6fps in Quake 4 at the game's low- 
quality setting, and it managed more than 
6.7GBps in Sandra's buffered memory 
benchmark, compared to 1 84fps and 
about 6.5GBps using DDR2-800 RAM. 
It may take a next-generation platform 
to fully exploit the performance capabili- 
ties of Corsair's TWIN2X1 024-8500 
memory kit, but for now this stuff offers 
excellent performance and a ton of over- 
clocking headroom. A 

by Marco Chiappetta 

XMS2 TWIN2X1 024-8500 

$229 
Corsair 

www.corsairmicro.com 
• ••• 



Nvidia DuanA/ MCE 



Nvidia recently released a new add-in 
card, but unlike the majority of its 
products, a GeForce GPU doesn't pow- 
ered this one. In the GeForce GPU's 
place, the Nvidia DualTV MCE has a 
pair of Philips TV tuners and a ViXS 
XCode II multistream encoder and 
transcoder chip at its heart. 

As its name implies, the DualTV MCE 
is a TV-tuner expansion card for con- 
sumer-level PCs that features two inde- 
pendent TV tuners on a single PCI 
expansion card, not to mention an FM 
tuner and a pair of S-Video inputs and 
analog audio inputs. 

The DualTV MCE offers a compre- 
hensive list of personal video-recording 
features, along with a technology dubbed 
MediaSqueeze that helps save disk space. 




MediaSqueeze works by compressing re- 
corded video so that it consumes less 
space on a user's hard drive. 

I found that installing the DualTV was 
very simple. After inserting it into an 
available PCI slot, I installed the included 
drivers and software and was up and run- 
ning in only a few minutes. Also, I should 
note that the card requires Windows Me- 
dia Center Edition 2005 (including the 
Update Rollup 2 upgrade). 



Specs: NTSC version: NTSC M/N; PAL/SECAM version: PAL I, B/G, D/K, SECAM 
D/K, L/L; connectors: TV (antenna or cable) F-connector (NTSC) or lEC-connector 
(PAL); FM radio (antenna) F-connector (NTSC) or lEC-connector (PAL); direct A/V 
inputs: S-Video input 4-pin DIN (composite video via included adapter), line-level 
stereo audio stereo minijack x 2 



DualTV MCE 

$169 
Nvidia 

www.nvidia.com 
• ••< 



Due to the fact that a pair of TV tuners 
equip the DualTV MCE, users can record 
two TV programs simultaneously from dif- 
ferent channels or watch one channel while 
recording another. With the DualTV users 
can watch, pause, and rewind live or 
recorded TV programming, as well. The 
DualTV MCE can capture uncompressed 
video at resolutions of up to 720 x 480 
(standard definition), and it can record 
audio in PCM format with 16 to 24 bits 
per sample at up to 48KHz. 

The Nvidia DualTV MCE includes a 
compatible, useful remote control; a 
handful of video cables; and an FM 
antenna cable. Installation was a snap, 
and image quality was comparable to 
competing offerings from ATI. A 

by Marco Chiappetta 
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Voodoo PC AMD FX Gaming 
CrossFire OMEN ™r Gaml n9Cross Fire0MEN 




Voodoo PC 
www.voodoopc.com 
• ••• 



An AMD Athlon 64 FX-60 chip overclocked at 2.95GHz drives dual ATI Radeon XI 900 XTs. 



Back in January (page 26), CPU took 
a look at Voodoo's gold-plated 
OMEN Elemental, which sports an 
Athlon 64 4800+, Asus A8N32 SLI 
Deluxe nForce 4 SLI xl6 motherboard, 
a pair of RAID arrays, and a pair of 
GeForce 7800 GTXs in SLI. This time 
around we're looking at Voodoo's AMD 
FX Gaming CrossFire OMEN. With 
this ATI CrossFire Xpress 3200-based 
OMEN, there's a bit less glitz (literally 
sans the gold leaf) and a bit more sub- 
stance under the hood. 

The CrossFire OMEN I tested was 
based on an AMD Athlon 64 FX-60, 
Asus A8R32-MVP motherboard, ATI 
Radeon XI 900 XTX and Radeon 
XI 900 XT CrossFire master cards, a 
pair of 400GB 7,200rpm Hitachi drives 
in RAID 0, and 2GB of Corsair XMS- 
3500LL Pro memory. The CrossFire 
OMEN was also decked out with the 
same Voodoo OMEN Supercharged 
Intercooler along with Purple Voodoo 
super coolant that cools all three CPUs 
and dual GPUs combined. The inter- 
cooler also lets the OMEN's Athlon 64 
FX-60, which has a stock speed of 
2.6GHz, ship factory overclocked at 
2.95GHz, and it's still backed by 
Voodoo's one-year Desktop system 



warranty. To ice this scrumptious tech- 
nological cake offering, Voodoo in- 
stalled a Matrix Orbital MX333 drive 
bay, read-out display, which is pro- 
grammable and provides the user critical 
health-monitoring data and cooling 
pump status alerts. Finally, cold-cathode 
lighting and a mirror-paneled interior 
help dress it all up. To say this is a sys- 
tem for extreme performance enthusiasts 
is an understatement. 

Along with the CrossFire OMEN's 
crazy, high-end configuration and im- 
maculate "you could eat off of it" build 
quality, however, comes a hefty price tag 
starting at around $5,600. For that rate 
you do get a lot of performance in one 
killer-looking, cool-running, and relative- 
ly quiet rig. But how quiet is it? The 
CrossFire OMEN isn't as quiet as some 
watercooled setups I've tested, but its 
acoustical signature is fairly low-key and 
more than acceptable considering all of 
the horsepower you get in the package. 
There's no need for fan cooling on the 
system's dual Radeon XI 900 cards or the 
CPU because they're watercooled, but 
there are three 300mm fans: two for the 
radiator and one in the back of the chassis 
for ventilation. These fans do a good job 
of keeping thermals in check internally. 



Specs: AMD Athlon 64 FX-60 dual-core at 2.95GHz; Asus A8R32-MVP; ATI Radeon 
X1900 XTX and X1900 XT CrossFire master; Creative Sound Blaster X-Fi Xtreme Musk 
2GB Corsair XMS-3500LL Pro (TWINX2048-3500LL); Hitachi HGST 7,200rpm, 400GB, 
RAID (x 2); Pioneer DVD 1 10D dual-layer 16XDVD±RW 




Speaking of which, perhaps one 
of the most impressive aspects of 
the Voodoo CrossFire OMEN is its 
unbelievably well-designed interior. 
With bright, stainless steal plating on 
many of its internal surfaces, along with 
a system layout and ultra-clean cable 
management that is to die for, it seems 
as if the folks at Voodoo are as fanatical 
about product quality and design as 
their customers that step up to these 
high-end machines. As long as you can 
handle the initial sticker shock, you will 
be styling with the new Voodoo Cross- 
Fire Omen. This system really has its 
mojo workin'. A 



by Dave Altavilla 



Benchmark Stats 

Office XP SP2 

WME 9 and Mozilla multitaskinq 



Adobe Photoshop 

Ahead Nero Express 6 

3DMark06 Default Test 

Splinter Cell CT (1 ,600 x 1 ,200 4X AA) 

Far Cry (1 ,600 x 1 ,200 4X AA) 

Quake 4 (1 ,600 x 1 ,200 4X AA) 

F.E.A.R. (1,600 x 1,200 4XAA) 

* Time in seconds (lower scores are faster) 
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Maingear Prelude 



Although Maingear offers some truly 
high-end systems and features (includ- 
ing paint jobs and overclocking), it also 
offers a desktop line that strikes a balance 
between performance and price. The Pre- 
lude's $1,024.21 base price tag makes it an 
option for casual players and gamers on a 
budget, and Maingear's online system con- 
figurator lets users upgrade some or all of 
the system before it's built. It doesn't in- 
clude a monitor or speakers, but you can 
add extras (such as the tri-monitor Matrox 
TripleHead2Go) to your online order. 

A decent (but not fancy) 2GHz AMD 
Athlon 64 X2 3800+ sets the tone for this 
rig's component setup. Maingear beefed 
up the CPU a little by overclocking it to 
2.2GHz. The Asus A8N-SLI Premium 
provides SLI upgradeability, two LAN 
ports (one of them Gigabit), and 8-chan- 
nel sound. The lone 250GB Western 
Digital Caviar SE 16 WD2500KS shoul- 
ders responsibility for both the OS and 
your loads of game files, but the 1 6MB 
cache doesn't hurt. 

These modest components clear enough 
budget room for a single 512MB XFX 
Nvidia GeForce 7900 GTX. I like this 
choice: You can handle demanding games, 
and you can explode the Prelude's graphics 
power by adding another 7900 GTX when 
the card's price drops down the road. 

You can order Maingear's $299 paint 
job, but I'm betting most budget users 
won't want anything more than the stan- 
dard system's sleek, silver case. Maingear 
spiced it up a little by adding faux car- 
bon fiber logos to the side panel and 
front door. The only bling (and it's just 
enough) is the 120mm, blue LED fan. 
However, the fan plugs into the mobo. 
You can plug it in easily enough, but I 
prefer to touch the motherboard as rarely 
as possible, to avoid frying it. Overdrive 
PC solved the side panel fan problem by 
building a custom plug into the case. 
Something similar in the Prelude would 
make for a really nice touch. 



Two 80mm intake and one 80mm 
exhaust fan (along with that side panel fan) 
provide quiet airflow. Maingear further 
reduced noise by placing sound absorption 
foam on the inside of the panel and ceil- 
ing. The system isn't silent, but the fan 
noise is low, and the Prelude doesn't pro- 
duce any audible high-pitched sound. 

This Prelude pushes the limits of the 
budget price range, but it certainly deliv- 
ered the performance I expected. The rig 
scored 5720 in PCMark05 and posted a 
SYSmark score of 226. It also crunched 
our 500MB test folder with WinRAR in a 
respectable 4:24 (minutes:seconds) and 
encoded our test video in 10:05. That 
said, it really shines when you fire up the 
games and 3D benchmarks. 

The 3DMark06 5979 overall score is 
nothing to sneeze at, and neither are its 
game demo frame rates. The Prelude 
powered through the Far Cry demo and 
offered a reasonable 66fps in F.E.A.R. 
When I took the games for a spin, I 
found that it's not afraid of high set- 
tings. Not surprisingly, it stuttered some 
in Quake 4's Ultra mode, but the rig 
played well in High mode. 

The PC's default warranty is pretty ba- 
sic: one year of toll-free tech support. But 
Maingear stresses that it takes tech support 
seriously from the moment the order ar- 
rives. The techs even contact the user via 
email. "The email gives the customer some 
insight as to who the technician is and what 
he does for the company and his gaming 
likes and dislikes, giving the customer an 
idea that his machine is being hand-built 
by a real live human being," says Giovanni 
Solari, a Maingear technician. "It details the 
options the customer has such as partition 
requests for the hard drives, game installa- 
tions, and overclocking options among 
other things." That sort of personal touch is 
hard to come by, so I'm glad to see a bou- 
tique builder reach out. A 

by Joshua Gulick 




Specs: AMD Athlon 64 X2 3800+, Asus A8N-SLI Premium, Nvidia nForce4 SLI, 1GB 
Mushkin DDR400 (512MB x2), 250GB Western Digital Caviar SE 16 WD2500KS 
7,200rpm, 512MB XFX Nvidia GeForce 7900 GTX, Realtek ALC850 



Prelude 

$2,197.43 
Maingear 
(908) 624-9050 
www.maingear.com 
• ••• 



_enchmark Num. 

3DMark06 

SM2.0 

HDR/SM3.0 

CPU 

PCMark05 

CPU 
Memory 
Graphics 
HDD 



Dr. DivX (minutes:seconds) 1 0:05 



WinRAR (min:sec) 

Far Cry 

1,280x1,024 

1,280 x 1,024 (4XAA, 8XAF) 

Quake 4 

1,280x1,024 

1,280 x 1,024 (4XAA, 8XAF) 

F.E.A.R. 

1 ,280 x 968 
1 ,280 x 968 
(4XAA, 8XAF) 

SYSmark 2004 SE 
Internet Content Creation 

3D Creation 
2D Creation 
Web Publication 
Office Productivity 

Communication 
Document Creation 
Data Analysis 



151.22 
149.6 
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Big Mouths. 




Web Hosting 



Over 70% of our customers come from word of mouth, making us one of the five largest Windows® Web Hosting 
Companies in the world. Host with us and you'll start telling your friends and colleagues about CrystalTech too! 



DEDICATED 



• Windows 2003 Standard 

- Over $700 in FREE Software 

- Mail, Stats, DNS and more! 

FREE Setup + FREE 2 Months 
Promocode: CPU-D 



starting at 

op 



SHARED 

24/7/365 Toll Free Support 

-ASP.NET, ColdFusionMX, PHP and Perl 

-FREE Sitebuilder, FREE Shopping Cart 

FREE Setup + FREE 3 Months 
Promocode: CPU-S 



starting at 



www.crystaltech.com I 877.323. HOST 




web hosting, inc 






Anand's Corner 



AMD's Getting Serious 



Three years ago AMD was stuck in a posi- 
tion it had been all too familiar with in 
the past. Its first K8-based CPUs, code-named 
Hammer, were running a year behind sched- 
ule and Intel had quickly capitalized on 
AMD's failure to deliver with its 130nm 
Pentium 4. Had Hammer launched when it 
was supposed to and at the clock speeds it was 
supposed to, chances are Intel's hands would 
have been forced away from the P4 and its 
NetBurst architecture long ago. But things 
didn't work out as planned, and in September 
2003 AMD finally released its Athlon 64 and 
Athlon 64 FX processors. 

A lot has changed since then; the race for 
clock speed turned into the race for dual-core 
and eventually a movement for better perfor- 
mance per watt. With the Athlon 64, Opter- 
on, and Athlon 64 X2, AMD not only stole 
the performance crown away from Intel, it 
walked away with the technological leadership 
crown, as well. The AMD that everyone 
always criticized of being a follower and not a 
leader gently extended one finger to the nay- 
sayers and proved them all wrong with one 
very well-designed microprocessor. 

AMD was right about the architectural 
decisions it made with the Athlon 64; the 
CPU's simpler 12-stage pipeline was eventu- 
ally favored by Intel's Israel Design Center 
responsible for the Pentium M, Core Duo, 
and new Core architectures. AMD also had 
the foresight to focus on a solid multiproces- 
sor architecture, which later came to be quite 
valuable as the industry quickly switched 
focus from high clock speeds to multicore 
processors. AMD was the first to enable 64- 
bit on x86 and was right about the necessity 
of an on-die memory controller. You couldn't 
say that AMD was just a follower anymore, 
not with a straight face, at least. 

Though AMD maintained clear technologi- 
cal and performance advantages over Intel and 
later maintained a significant power advan- 
tage, the market continued to favor Intel 
CPUs. When Intel was shipping its most 
undesirable processors, AMD couldn't make a 
significant dent in Intel's market share. AMD 
chalks it up to Intel's anticompetitive prac- 
tices, and there may be some truth to that, but 



there was always one lingering limitation that 
held AMD back: manufacturing capacity. 

The fact of the matter is that AMD's Fab 30 
in Dresden, Germany, was the only AMD fab 
producing Athlon 64, Sempron, Turion, and 
Opteron processors. Then add dual-core 
Athlon 64 X2 and Opteron processors to the 
mix, and all of the sudden Intel can offer 
entry-level dual-core processors at almost half 
the price of AMD's. Even today, you can pur- 
chase a dual-core Pentium D 805 for a mere 
$132 — you can barely get a decent single-core 
Athlon 64 for that price. Looking forward, 
thanks to Intel being on a 65nm manufactur- 
ing process, its new Core microprocessor will 
debut as low as $209 for a dual-core chip. That 
will continue to be cheaper than AMD's 90nm 
CPUs because of manufacturing capacity. 

Intel can make more 65nm chips than AMD 
can make 90nm chips, which bluntly means 
that Intel can make smaller, faster, and cheaper 
(higher-profit) CPUs than AMD. While AMD 
could rest on its architectural and technological 
superiority for the majority of the Pentium 4's 
lifespan, that free ride is quickly coming to an 
end, something that AMD is very well aware 
of. So what is AMD doing? 

On the architecture side, AMD is being 
extremely quiet. I've been told not to expect 
anything serious until 2007, so we'll get 
DDR2 and some clock bumps this year, but 
that's all. On the manufacturing side, howev- 
er, AMD is moving in the right direction. By 
2008, the combination of Fab 30, Fab 36, 
and AMD's partnership with Chartered 
Semiconductor will allow AMD to double its 
current annual microprocessor output to 100 
million parts. 

AMD has finally begun shipments from 
Fab 36, which is the company's first and only 
300mm fab. (Fab 30 was only set up for 
200mm wafers, which obviously yield fewer 
CPUs thanks to their smaller surface area.) 
Fab 36 will also begin its transition to 65nm 
toward the end of this year, but it's looking 
more and more like 2007 will be AMD's real 
transition to 65 nm. Despite lagging behind 
Intel in manufacturing technology, as always, 
it looks like AMD may at least be catching up 
in terms of manufacturing capacity. A 



by Anand Lai Shimpi 




Anand Lai Shimpi has turned a 



fledgling personal page on 
GeoCities.com into one of the 
worlds most visited and trusted 
PC hardware sites. Anand 
started his site in 1997 at just 14 
years old and has since been fea- 
tured in USA Today, CBS' 48 
Hours and Fortune. His site — 
www. anandtech. com — receives 
more than 55 million page views 
and is read by more than 2 
million readers per month. 



. . .we'll get 

DDR2 and 

some clock 

bumps this 

year, but 

that's all. 



Talk backtoAnand@cpumag.com. 
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Shark- Tank- 



Pentium Extreme Edition 965: 

NetBurst's Swan Song 



by Alex "Shark/ Ross 



At this spring's IDF (Intel Developer 
Forum) the major excitement stemmed 
from demos shown on Intel's next-generation 
processors code-named Conroe and Merom. 
From the show a few highly impressive bench- 
marks were touted — and that's not even tak- 
ing into account the markedly low associated 
power consumption in comparison to the cur- 
rent Pentium 4 with 
NetBurst architecture. 

Are we there yet? 
Nope. So when Intel 
announced the release 
of its Pentium Extreme 
Edition 965, the excite- 
ment was rather easy to 
contain. Let's face it; 
the Pentium Extreme 
Edition 955 with its 

Presler core only came out a few months ago, 
and despite the fact that it was Intel's first 
run at the 65nm manufacturing process, 
sported two cores running at 3.46GHz, and 
came fully loaded with 4MB of L2 cache, 
yours truly was still gaming on AMD's FX- 
60. It's a bit hard to do cartwheels when 
you're used to getting slight speed bumps. 
So what's the big deal with the 965, then? 
Actually, it's not half bad and had a few 
surprises to boot. 

Intel clocks the 965's two identical P4 
Cedar Mill cores at 3.73GHz this go around. 
Each core has 2MB of cache, but both are 
now able to swap data via a faster 1,066MHz 
front side bus. One of the major issues with 
the previous 955 was the apparent lack of 
C1E halt state support, which dynamically 
throttles down the CPU's clock speed reduc- 
ing much needed power consumption on an 
already hot potato. Previous generation Intel 
CPUs already had this feature, but it got 
lost somewhere during the 65nm shrinkage. 
Don't worry, though, it's back now. It actual- 
ly works pretty well, too, and drops the clock 
back down to 3.2GHz when the CPU is idle 
and when it sees fit to do so. 




The unlocked multiplier certainly didn't go 
unnoticed in these waters either. Now why 
would a company like Intel do such a thing? 
Clearly for us to go overclocking — only this 
time without it being a finicky experience by 
balancing bus speed and other frequency 
adjustments. So that's just what a good few of 
us journos did. Seeing a massive 4.53GHz 

without any extrater- 
restrial fancy cooling 
certainly put a smile 
on my face (and yes 
the voltage had to be 
upped). With Intel 
likely releasing Con- 
roe at much lower 
clock speeds due to its 
improved efficiency, 
it's going to be a long 
time yet before we see speeds like that again. 
Think of this as Intel's way of signing off 
on a high note with its whole NetBurst archi- 
tecture. It's unlikely that gamers will be shed- 
ding a tear even if they did appreciate the 
technology's dominate performance when it 
came to video encoding. It took a long, long 
time, but finally Intel does have a gaming 
CPU that's within reach of AMD's top dog. 
The performance in Call Of Duty 2 was only 
a few frames per second in favor of AMD's 
Athlon 64 FX-60, and F.E.A.R and Quake 4 
weren't that far behind either. On the business 
side of the fence, the 965 is still a solid per- 
former, so no changes there then. 

The 965 will be out by the time you read 
this, and despite the rather positive experi- 
ence thus far, it's hard to recommend any 
CPU based on current technology that retails 
for more than $1,000; you just can't turn a 
blind eye to what's around the corner. If you 
absolutely must have the highest clocked 
CPU on the block, then by all means go for 
it, but I'd rather you avoid kicking yourself 
where it hurts in a few months once AMD's 
AM2 and Intel's Conroe hit the market at a 
much lower price. A 
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Disrupting Reuters ' newswire with 
a cheery Christmas greeting at age 
six, Alex "Sharky" Ross became an 
avid computer user/ abuser, eventu- 
ally founding popular hardware 
testing/review Web site 
SharkyExtreme.com. Exposing 
shoddy manufacturing practices and 
rubbish-spouting marketing weasels 
while championing innovative 
products, illuminating new technol- 
ogy, and pioneering real-world test- 
ing methods was just a font for 
playing with the best toys. The site 
acquired, he left in 2001. A 
London native and London School 
of Economics graduate, Alex cur- 
rently overcbcks/tunes Porsche 996 
Turbos with www.sharkwerks.com 
when hes not tweaking PCs. 

It took a long, 

long time, but 

finally Intel does 

have a gaming 

CPU that's within 

reach of AMD's 

top dog. 



Email meatsharky@cpumag.com 
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BENWIN Digital Surround Sound 

It's never been easier to use a 5.1 system. After an effort- 
less Plug and Play setup, you can enhance your gaming 
experience with a digital sound unlike any other. You don't 
need an amplifier. You don't need a digital decoder. All 
you need is a BENWIN 5.1 Hi Fi Wireless Remote 
Speaker System for superb sound in an instant. 

Toil-Free: 888-9-BENWIN 
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PC Modder 



Tips & Tutorials 



Modding does the body good. A PC's body anyway, inside and out. Here you'll find 
hardware, firmware, tools, tips, and tutorials for modding your rig's performance and 
appearance. Send us your own mod-related tips and ideas at modding@cpumag.com . 



Modding enthusiasts have a 
penchant for the latest toys. 
Fast processors, powerful 
video cards, silent SFF enclosures, and rad- 
ically lit motherboards are all fair game 
when it comes to a modder's creative 
mind. Recognizing the appeal of uncon- 
ventional customization, an entire industry 
has emerged to support the community. 

Mods & Ends 



Corsair Nautilus 500 External 
Liquid Cooling System 



If you're looking for an easy method 
for liquid cooling your system's CPU, 
take a look at Corsair's new Nautilus 500 
liquid-cooling kit. For AMD Socket 
754/939/940 and Intel Socket 478/ 
LGA775 processors, the Nautilus 500 
($159) is a self-contained unit that 
includes everything you need to cool your 
CPU. Additionally, the kit is compatible 
with other chipset and GPU water blocks 
should you want to upgrade later. 




Corsair takes liquid cooling mainstream with 
the relatively inexpensive and easy-to-install 
Nautilus 500 liquid-cooling kit. 



The 500 features a textured, black, plas- 
tic external enclosure that houses the kit's 
radiator, reservoir, pump, and cooling fan. 
On the front of the unit is a small slot off 
to the left that visually shows you the 
amount of liquid left in the reservoir. If you 
need to add water, there's a metal reservoir 
cap just above the liquid-level slot. Just 
remove the metal cap using a flat-head 
screwdriver or coin and pour water right in. 
At the back of the Nautilus 500, you'll find 
a switch, four-pronged power connector, 
and a pair of quick connections for the tub- 
ing, which is preinstalled on the unit's 
COOL water block. The switch essentially 
amounts to being a fan controller, with 
High and Low speeds available for high- 
performance or silent operation. 

An included power cable runs from the 
four-pronged connector to a notched slot 
cover plate, which connects to any avail- 
able 4-pin accessory connector coming 
from your system's power supply. To 
make using the Nautilus 500 even easier, 
there's no power switch on the unit. 
Instead, the Nautilus 500 draws power 
directly from the system power supply 
and turns on automatically when you 
power up your rig. Installing the Nautilus 
500 is also a snap thanks to an innovative 
quick-mounting mechanism. Corsair 
claims an installation time of 8:14 (min- 
utes:seconds) on its Web site. 



Sunbeam Silent Storm ATX Case 



In the market for an affordable new case 
that has plenty of expansion room, good 
cooling capabilities, and near-silent opera- 
tion? Sunbeam's new Silent Storm ($64.99) 



Sunbeam's Silent Storm 
chassis uses the company's 
new Core-Fan design to 

help systems run cool 

and quiet. 



IB ; 

may the right fit. Be- 
sides a side window, 
the Silent Storm features Sunbeam's new 
Core-Fan design, which lets you install two 
120mm fans inside the chassis to redirect 
airflow toward hotter-running components, 
such as the CPU or video card. 

Instead of sticking to the traditional 
lower-front and upper-rear locations for the 
fans, Sunbeam's Core-Fan design lets you 
place additional fans near the center of the 
case to keep air circulating at full speed 
through the system. One near-silent 
120mm Core-Fan (10,000rpm, 16dB), one 
blue-lit 120mm side fan, one 120mm 
exhaust fan, and an optional front-intake 
fan handle all the cooling. Additionally, the 
case features a tool-less drive and expansion 
card installation design that makes setup 
and upgrading easy. The Silent Storm, 
which comes in black and silver and black, 
also has built-in, front-mounted USB 2.0, 
audio, and microphone ports. 

Fashionably Fresh Firmware 



Plextor PX-760A DVD Recorder (vl.01) 



Plextor recently updated the firmware 
for its PX-760A IDE DVD recorder to 
remedy a problem that causes incomplete 
burns in Autostrategy Full mode. 

www.plextor.com 



M-audio Black Box USB (5.10.00.5076v2) 



The latest firmware update for M- 
audio's Black Box USB device improves 
ASIO support and incorporates a more 
user-friendly control panel. 

www.m~audio.com 



NEC ND-4550A DVD Recorder (vl.08) 



A new firmware update for NEC's 
ND-4550A internal DVD recorder 
enhances the drive's compatibility with 
different types of media. 

support.necsam.com 



by Marco Chiappetta 



CPU /June 2006 29 



hard hat area pc modder 



Adventures In Overclocking 



Above & Beyond With The Pentium D 805 



Back in the early days of over- 
clocking, Intel's Celeron 300A 
processor was the darling of the 
enthusiast community. The CPU was eas- 
ily one of the most overclockable proces- 
sors of its time, comfortably moving from 
its stock 300MHz to hit 450MHz when 
accompanied by adequate cooling. Today, 
though, there really isn't a processor that 
grabs the attention of overclockers quite 
the way the good ole' Celeron 300A did. 
Recently, however, Intel quietly released a 
budget-priced processor that has the 
potential to become a modern day 300A. 

The Pentium D 805 (about $130) is a 
dual-core LGA775 processor based on the 
Smithfield core, the same core the ultra- 
expensive 3.2GHz Pentium 840 Extreme 
Edition uses. Unlike the PE 840XE, how- 
ever, the Pentium D 805 clocks in at a 
paltry 2.66GHz and rides along on a 
slower 533MHz bus compared to the PE 
840XE's 800MHz FSB. But 2.66GHz is 
a walk in the park for the Smithfield core. 
We know from experience that Smith- 
field-based processors can hit much higher 
clock speeds than 3.2GHz, as some 840 
Extreme Edition and Pentium D 840 
processors have had little trouble hitting 
4GHz. So what's been holding the 
Pentium D 805 back? Nothing, probably. 
That's why we decided to take one of the 
affordable dual-core processors and tweak 
the hell out of it to see if we could get it to 
perform like a much more expensive part. 

The Participants 

To enhance our Pentium D 805's per- 
formance, we hoped to overclock it well 
beyond its rated specifications. To give us 
the best chance for success, we planned to 
slightly modify the processor by lapping 
and polishing the surface of the CPU's 
integrated heatspreader. We also invested 
in a Corsair Nautilus 500 liquid-cooling 



kit (about $150) to keep the core temper- 
atures lower than a standard aircooler 
could. We installed the processor, in addi- 
tion to 1GB of Corsair DDR2 RAM, on 
an Asus P5WDG2-WS motherboard, a 
first-class 975X Express-based board. 

We chose our respective parts for a few 
reasons, including stability, tweakability, 
and performance. For hard-core processor 
overclocking, it's always best to use top- 
notch supporting components. You can't 
expect to reach super-high clock speeds 
using a budget motherboard and sub-par 
RAM. If you're planning an overclock but 
you're saving money by using a lower- 
priced processor, invest some extra money 
for better cooling and pick up a high-end 
motherboard and good RAM. A high- 
quality power supply is also a good idea. 

Mod The Hardware 

Luckily, our Pentium D 805's integrat- 
ed heatspreader was fairly flat and didn't 
need much lapping. We spent some time 
sanding down the high spots at 
the corners of the heatspread- 
er, but that was about all the 
lapping we needed to do. 
(For more on lapping 
see the September 
CPU, page 50. 

With the lap 
ping finished, we 
then polished the 
heatspreader's 
surface so 
it had a mir- 
ror finish. 



For this we used a wadding cloth metal pol- 
ish called NEVR-DULL (about $5). This 
process involved tearing a piece of the 
wadding off, rubbing it on the metal, and 
using a clean cloth to remove the residue. 
Polishing the surface smoothed the many 
tiny peaks and valleys in the metal, but it 
also allowed for better contact between the 
integrated heatspreader and the heatsink (or 
a water block, as in our case). Better contact 
means superior thermal transfer and lower 
temperatures. As for our water block, 
Corsair shipped the Nautilus 500 kit with a 
water block that was already polished to a 
smooth, mirror-like finish, so we didn't 
have to mess with ours. 

Put It All Together 

With our processor's heatspreader 
lapped and polished, we were ready to 
install it into our motherboard and also 
mount the water block. After inserting 
the chip into its socket and locking it into 
place, the next step was to apply a 
smooth, thin layer of thermal paste to the 
CPU's surface. Because we lapped 
le heatspreader 
and our water 




Is the 

dual-core Pentium 

D 805 this generation's 

Celeron 300A where overclocking 

is concerned? Very well could be. 
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Corsair's 

Nautilus 500 is 

an easy-to-install 

self-contained liquid-cooling 

kit. The unit is also quiet and a better 

cooling option than a traditional 

heatsink-fan combination. 



block already had a smooth base, we only 
needed a minuscule amount of thermal 
paste. Thermal paste is designed to fill the 
tiny gaps where the heatspreader and 
heatsink (or water block) mate, but 
because we lapped and polished our heat- 
spreader's surface, we minimized the 
number of gaps present. 

Next, we mounted and secured the 
water block to the CPU. In order to 
install the Nautilus 500's water block on 



LGA775-based mother- 
boards, there are four plastic 
standoffs you need to insert 
into the four stock mounting 
holes surrounding the mother- 
board's sockets. You then must 
slide an H-shaped piece of foam 
over the water block, which you'll fol- 
low up by sliding an X-shaped bracket 
over the foam and water block. You'll then 
press the entire assembly down onto the 
four standoffs until the assembly locks in 
place. The Nautilus 500 is definitely one of 
the easiest liquid-cooling kits around to 
install. Completely uninstalling the water 
block, however, requires removing the 
motherboard from the system case and 
using a pair of needle-nosed pliers to disen- 
gage the plastic clips. 

Crank Up The Clock Speed 

After installing the processor and assem- 
bling the rest of our system, all that was left 
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to do was actually overclock the processor. 
We chose to use the tried-and-true system 
BIOS to do all our overclocking. Some 
motherboards offer the ability to use soft- 
ware to overclock from within Windows, 
but color us old-school because we still like 
to get our virtual hands dirty and tweak via 
the BIOS' text menus. 

In the Advanced section of our Asus 
motherboard's system BIOS, there is 
a submenu dubbed CPU JumperFree that 
houses all the overclocking-related options 
we needed to alter. In this BIOS section, 
we changed five options: CPU Frequency, 
DRAM Frequency, PCI Express Frequen- 
cy, PCI Clock Synchronization Mode, 
and CPU VCore Voltage. 

By default, our processor's front side 
bus frequency was 133MHz. By raising 
the frequency, we were able to increase 
the processor's clock speed. Raising the 
FSB, however, will cause the other com- 
ponents on the motherboard to also run 
out of spec, which could lead to instabili- 
ty. To prevent this from happening, 
we locked the PCI Express Frequency 
to 100MHz and the PCI Frequency 
to 33.3MHz. Then we set the DRAM 
Frequency to DDR2-667MHz to keep 
our memory running within its limits. 
With these items properly set, we then 
bumped up our processor's core voltage. 
The Pentium D 805 requires 1.25 to 




To ensure good contact 

between our processor and 

water block, we lapped and 

polished the CPU's 

integrated heatspreader. 

Corsair shipped the Nautilus 

500's water block with a 

mirror finish. 
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Performance: Before & After The Mod 



A thin, smooth application of high-quality thermal 
grease is a necessity for optimal thermal transfer. 




We made sure that our water block was fully installed 
and seated properly before overclocking the CPU. 





Pentium Extreme Pentium D 
Edition 965 805 Stock 
(3.73GHz) (2.66GHz) 


Pentium D 
805 Modded 
(4.05GHz) 




SiSoft Sandra 2005 CPU Arithmetic Benchmark 






Drystone ALU 21 928 1 4388 


22014 






Whetstone FPU 9131 3821 


5818 






Whetstone iSEE2 15519 6584 


10018 






PCMark05 CPU Benchmark Module 






CPU Score 6541 4406 


6524 




Cinebench 2003 (in seconds; low scores are better) 






Single thread 79.7 111.1 


74.1 






Multithread 36.9 59.6 


40.2 






LAME MT MP3 Encoding (in minutes:seconds; low scores are better) 






Single thread 1:08 1:35 


1:02 






Multithread 0:40 0:56 


0:37 






Half-Life 2 (800 x 600 low quality) 






FPS 140.45 101.78 


142.36 



When we began this project the goal was to take Intel's relatively affordable 
Pentium D 805 processor and make it perform like a much more expensive CPU. To 
determine if we succeeded, we benchmarked our processor at both its stock and 
overclocked speeds and compared the results to those of a Pentium 965 Extreme 
Edition, Intel's current flagship desktop CPU. Our testing setup included the 
Pentium 965 EE and Pentium D 805 CPUs, an Asus P5WDG2-WS (975X Express) 
motherboard, 1GB (512MB x2) of Corsair DDR2-675 RAM, a GeForce 7800 GTX 
video card, and 36GB Western Digital Raptor hard drive. 

As you can see, our modded Pentium D 805 had a lot of ground to make up to 
catch the Pentium 965 EE, which is based on the newer 65nm Presler core that fea- 
tures double the L2 cache as Smithfield (4MB vs. 2MB). The 965XE also features a 
faster 1,066MHz bus and is enabled for Hyper-Threading, so an operating system 
recognizes the CPU as four virtual processors. These features give the 965XE a 
decided advantage in the multithreaded benchmarks. Our modded processor's 
increased core clock speed, however, gave it enough of an edge to beat the 965XE 
in a majority of benchmarks we ran. Not bad for a $130 processor. ▲ 



1.4V for normal operation. Because we 
planned to push the CPU well beyond 
its rated speed, however, we cranked the 
voltage up to 1.55V. A slightly higher 
core voltage will typically allow for 
higher clocks. 

Next, we slowly raised the processor's 
FSB frequency until the system was no 
longer running stably. After a few hours 
of experimenting and testing for stability, 
we settled on a maximum FSB of 
202MHz. This resulted in a final core- 
clock speed of 4.05GHz (20 x 202MHz), 



an increase of 1,390MHz. At more than 
4GHz, our processor ran at about 110 to 
116 degrees Fahrenheit while idle. Under 
a full load, temperatures hovered between 
138 and 143 F. The Nautilus 500 seem- 
ingly had no trouble keeping tempera- 
tures in check. 

Feel The Power 

By choosing the right components 
and tweaking our hardware, we made a 
Pentium D 805 processor run at a much 
higher frequency than at its 2.66GHz 



rated speed — 52% higher, in fact. While 
overclocked to 4.05GHz, our Pentium 
D 805 offered all the performance of 
much more expensive counterparts, and 
even when we factor in the additional 
cost of the Corsair Nautilus 500 liquid- 
cooling kit, our setup is still roughly 
70% cheaper than a Pentium 965 
Extreme Edition. Our Pentium D 805 is 
fast and relatively cheap — just like the 
venerable Celeron 300A. A 

by Marco Chiappetta 
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COMPLETE THERM ALTAKE 
COMPUTER MODS, 
EXCLUSIVELY AT RADIOSHACK. 
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Here's how to shake up your next LAN party or computer competition. 

NewThermaltake Computer Modeling Components, coming soon to RadioShack. 

A collection of cool lights, cables, fans and more that let you totally trick out your CPU. 

So don't settle for the same old boring box. 

Bust out with some serious PC bling from Thermaltake, at RadioShac 

RadioShack will be the exclusive retailer of the complete line of Thermaltake Computer 
Modding Products. Go online to RadioShack.com and see the complete line 
of Thermaltake, or to find a participating RadioShack store near you. 



www.thermaltakeusa.com 



^QjE' Technology Co., i 



RadioShack 
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MOD 



Crunching Data & 
Looking Good Doing It 



The last time we saw a vertical PC, it was in a garbage can 
(Sept. 2005 CPU, page 34). The Tower PC is just as 
unusual, but you won't mistake it for trash. This 3.5-foot 
tall, multitiered piece brings to life Ivan "Navig" Liang's vision of 
a skyscraper-like computer case. As with many modders, Liang 
doesn't need much of an excuse to dig into a modding project. 
"My primary motivation for building this system was fairly sim- 
ple: I thought it would look cool," says Liang. 

Despite this beast's size and extra features (such as a remote 
that controls the system from afar), building it didn't cost much 
more than a decent prebuilt rig. Liang estimates he spent about 
$200 on materials, which include Aerocool's Lubic compo- 
nents, the remote, plenty of acrylic, and six 120mm fans. Liang 
took advantage of the system's design to create an impressive 
airflow system; external air cools the components on almost 
every tier. The system's lowest shelf, which houses the mother- 
board and a massive Scythe Ninja CPU heatsink, benefits from 
its floor intake fan and side intake and exhaust fans. 

Liang chose an Abit IC7 Max 3 motherboard and loaded it 
with 1GB of OCZ Platinum memory. The 256MB ATI X850 
XT video card sports a custom-cooling setup, thanks to some 
modified squirrel cage blowers and a special shroud. The system 
also has a 3.2GHz Intel 478 running at 3.76GHz and a 500W 
Fortron-Source Blue Storm PSU. The Tower PC also shows off 
its components at night with four white cold-cathode LEDs. 

Liang, an emergency department physician, spent about 
three weeks creating the Tower PC, but he says he could proba- 
bly build another in a week. He encourages would-be modders 
to throw convention out the window. "There are so many 
imaginative ways to put together components and still retain, or 
better yet enhance, functionality and performance," he says. A 

by Joshua Gulick 
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The super-tall case presented an unexpected 
challenge: Liang had to hunt for an IDE cable 
that could span the distance between the 
optical drive and the motherboard. 




This is the car remote control box. The remote 
lets users power on/off the PC's lighting and 
open the Lite-On SOHW-1693S'tray. 




Give Us 
Your Mod 



This motherboard voltage mod offers stable 
memory voltage to 3.2V and boosts the 
northbridge voltage, as well. 




Liang bought this six-fan controller for 
$5 and used its PCI slot mount to secure 
it to the Tower PC's chassis. 




Liang covered the DVD drive in dark paper and then built a 
spring-loaded door. You can't reach the drive's Eject button, 
but you won't need to with the system's remote control. 
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Get informed answers to your advanced technical 

questions from CPU. Send your questions along with a 

phone and/or fax number, so we can call you if 

necessary, to q8a@cpumag.com. Please include all 

pertinent system information, 



u 



. . .it's not just 



about the number 



of pixel pipelines 



and memory 



clock speed. 



» 



Each month we dig deep into the mailbag here at CPU in an effort 
to answer your most pressing technical questions. Want some advice 
on your next purchase or upgrade? Have a ghost in your machine? 
Are BSODs making your life miserable? CPU 's "Advanced Q&A 
Corner" is here for you. 

Matt H. asked: I've been reading your magazine now for a while 
and really appreciate the in-depth articles, how-tos, and Q&A section. 
A while ago I got the opportunity to create my dream gaming machine, 
but it still seems like I'm missing performance. I feel like three possible 
items might be holding me back. First I run RAID 5 with three 160GB 
Seagate SATA drives non-NCQ. I've recently heard that RAID 5 is very 
slow with small writes and that you shouldn't use it in a gaming rig. Is 
that true? Second, I use a dual-monitor setup on my ATI Radeon X800 
XL PCI Express card. Is using the extended Desktop robbing gaming 
performance from my PC? Third, I feel that perhaps my memory could 
be a bottleneck. I am using two 512 DDR2-533 sticks of Kingston 
HyperX on my Asus P5WD2 Premium SB. Will using the max speed 
memory the board will take make a big difference? 

My system specs: 

Intel Extreme Edition 840 processor 

Asus P5WD2 Premium motherboard 

Kingston HyperX DDR2-533 512 (x2) 

Seagate 160GB SATA drives (x3) in RAID 5 

ATI Radeon X800 XL PCI-E graphics card 

Dual DVD burners 

Antec Neo Power 480W power supply 

Thermaltake Bigwater liquid cooling in Thermaltake Armor Chassis 

Dual VGA monitors 

Al Wow, lots of questions here, eh Matt? And good ones, too, 
we might add. It's safe to say you have a good rig here and a bit 
more potential you could wring out of it. With respect to RAID 
5 performance, you're pretty much on track. Our friend Kyle 
rambled on about RAID 5 in his column in the February 2006 
issue of CPU (page 32), and he was spot on. RAID 5 was initial- 
ly deployed in server architectures for its excellent redundancy 
characteristics with block-level striping and distributed parity. It 
has good read performance at the expense of write performance 
due to the fact that it takes four disk I/O operations to write to 
the array (three reads of the parity bits and one write) along with 
a parity calculation. Sounds pretty intense, doesn't it? It is. 
RAID 5 CPU overhead for the software-level RAID controllers 
that are out in the desktop market is fairly steep. RAID 5 per- 
forms well in multiprocessing environments, which is why Intel, 
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Nvidia, HighPoint, and others in the chipset and controller 
market have been waving the flag in this dual-core processor age. 
RAID 5, however, is really best suited for environments that 
have a much higher percentage of reads vs. writes, such as a Web 
server where disk reads are critical to performance. The average 
desktop system has a much more balanced demand of reads and 
writes, though. We say go RAID 1 if you need redundancy or 
RAID if you want capacity and a bit more performance, but 
back up that RAID array. You're better off spending those 
CPU cycles elsewhere until RAID 5 for the desktop matures a 
bit more — that's if it does. 




Asus' P5WD2 Premium motherboard has several BIOS options 
and excellent stability for overclocking CPU and memory timings. 



For your graphics, spanning two displays is only a 2D Desktop 
function for the Radeon X800 you have, so that won't affect 3D, 
full-screen gaming performance. However, that RAM you have 
could definitely do better on that Asus P5WD2 Premium moth- 
erboard. You might be able to run it at DDR667 with slightly 
relaxed timings. Try bumping the memory voltage up to 2.85V 
and try different clock ratios in the BIOS. Otherwise, get some 
good DDR2-667-rated memory. You'll most likely gain a few fps 
with a good memory tweak. 

Kevin P. asked: My PC is about three years old. The specs 

are as follows: 

P4 2.4GHz DFI mobo with 1GB DDR400 RAM and 800MHz FSB 

Two SATA 80GB HDDs striped with RAID and a PCI RAID controller 

Radeon ATI 9200 Vivo „_ ^£* 

Onboard audio 

Windows XPSP2 

SonyDVD-RWDW-UlOA 

I don't overclock, and my system is very stable. Until recently the DVD 
burner worked fine. I have authored many home videos from my digital 
camcorder. However, in the past couple of weeks, the DVD drive no 
longer recognizes DVDs. It won't play them with PowerDVD or burn 
them with a movie maker. It does play and burn CDs. In the Properties 
tab under Device Manager, it says the burner is working properly, and I 



haven't done anything to the drivers since I first installed them in 2003. 
How do I get the burner to recognize DVDs again? 

Al This is an odd one for sure, Kevin. Usually an optical drive 
just dies altogether rather than stops handling one specific type 
of media. It sounds like either you have a firmware corruption 
issue in the drive or perhaps even some sort of odd WinXP cor- 
ruption. Before you reformat, though, try a couple of things to 
see if they will clear up your issue: Upgrade the drive's firmware 
to the latest version. A good resource, if Sony doesn't have it on 
its site, is The Firmware Page ( forum.rpc1.org/dl all.php ). Just 
browse to Sony and the model of your drive. Also, have you 
tried different types of DVD media with the drive? Because this 
drive is a few years old, it might be a bit finicky on the new disc 
types out on the market these days. This is something that you 
could also fix with a firmware update. (You seem to suggest it's 
also not reading standard retail production DVDs, however, so 
this may not be your problem.) Lastly, try blowing some 
canned air inside the drive to make sure it's free of dust and 
other foreign matter. If all else fails, reformat. If that fails, it's 
probably time for a new drive. Good luck! 

James T. asked: I just finished reading your review of the 
GeForce 7900 GTX, and I have some questions. I noticed that for the 
most part the GeForce 7900 GTX and ATI Radeon XI 900 XTX perform 
at about the same level depending on what game you're playing. I'm 
wondering how Nvidia's able to pull this off considering the GeForce 
7900 GTX has half the number of pixel pipelines of the ATI card, but 
both cards run at similar clock speeds. If the Radeon XI 900 XTX has 
48 pixel pipelines, the GeForce 7900 GTX has 24, both cards have 
GPUs clocked at 650MHz, and both have 512MB of RAM clocked at 
about the same level (1.6GHz vs. 1.55GHz), how on earth can the GTX 
win in some benchmarks? It doesn't make sense to me. 




How can a 
GeForce 7900 
GTX outperform a 
Radeon XI 900 XTX 
when it has only half 
the number of pixel shader 
units? Check out our answer 
on the next page. 
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Al There are a number of factors that determine the performance 
of today's high-end video cards, James; it's not just about the 
number of pixel pipelines and memory clock speed. The overall 
efficiency of the architecture, shader ALU performance, number 
of vertex units, memory controller, Z-Cull efficiency, and myriad 
other things all play a part in performance. In addition to that, 
we think you're confusing pixel pipelines with the number of 
pixel shader units in each GPU. 

With the release of the GeForce 6 and the Radeon XI K 
series of products, Nvidia and ATI decoupled the functional 
units within the GPU, letting each company alter the number 
of individual units during the design phase of the chip. This is 
how both companies can offer a top-to-bottom lineup of prod- 
ucts that all have essentially the same features. For example, 
the GeForce 7900 GTX has 24 pixel shader units with 16 
ROPs (Raster Operators or render back ends, depending on 
whom you talk to). The Radeon XI 900 XTX has 48 pixel 
shader units, but it, too, has 16 ROPs. With both Nvidia's and 
ATI's older graphics processors, the different stages in the 3D 
pipeline were linked, and there were an equal number of these 
parts in the GPU. If you still want to use the older terminolo- 
gy, technically both the GeForce 7900 GTX and Radeon 
XI 900 XTX have 16 pipes, but feeding the pipes are an 
increased number of pixel shader units. 

One of the reasons Nvidia's GPU can outperform ATI's, 
even though it has fewer shader units, is that in many games 
pixel shader performance isn't the limiting factor in the frame 
rate. If the game isn't using the additional shader units in the 
Radeon XI 900 XTX, they don't even factor into the equation. 
This is a vast oversimplification, but hopefully we've given you 
an idea of what's happening. You should also consider that you 
can't directly compare the individual units within ATI's and 
Nvidia's GPUs. Both companies design their parts differently, 
and even if they both created a GPU with the exact same num- 
ber of pixel shader units, vertex units, and ROPs and both 
products were clocked at the exact same speeds, the GPUs 
would still differ in performance because of the dissimilarity of 
their respective architectures. 

Kathleen I. asked: Tm fairly new to the do-it-yourself computer 
scene, and I think I got scammed by my local computer store. I 
bought the parts to put together my first system recently: Athlon 
64 X2 3800+, Asus A8N32-SU, GeForce 7800 GT, 1GB RAM, 160GB 
hard drive, etc. Everything seemed to work properly for about a 
month and then I started getting random blue screens in WinXP. I 
took the computer in for repair because I couldn't figure out what 
was going on, and the people at the store told me my memory had 
gone bad. At the time though, they didn't have the same PC3200 RAM 
that I originally bought, so they talked me into some PC4400 RAM by 
telling me it was faster and with it installed my computer would per- 
form better. I ended up paying an extra $100. Although they did seem 
to fix the errors, my system isn't any faster. I ran a couple of quick 
tests with SiSoft Sandra and PCMarkOS, and my system gets almost 
the same scores that it did before. Did I make a mistake paying the 
extra money for this memory? 



Al You probably didn't get scammed, Kathleen; your system just 
isn't configured to take advantage of your new RAM's ability to 
run at a higher clock speed. Even though you've replaced your 
ailing PC3200 RAM (DDR400) with PC4400 (DDR550), it's 
likely that your new RAM is still running at 400MHz DDR. 
Simply plugging in PC4400 RAM doesn't guarantee better per- 
formance; you'll also have to set up your motherboard's BIOS to 
take advantage of the new memory's capabilities. 

Simply plugging in 



PC4400 RAM does 



not guarantee better 
performance . . . 



There are two ways you could go about remedying your sit- 
uation depending on the type of motherboard installed in the 
system. Because you've got what is essentially a cutting-edge 
Asus A8N32-SLI motherboard based on the nForce 4 SLI 
XI 6 chipset, you could do either. Assuming you don't want to 
overclock your processor, the first way to take advantage of 
your faster memory would be to drop your Athlon's multiplier 
and raise the HT clock speed via the system BIOS. By default, 
your processor's multiplier is set to 10X with a 200MHz HT 
clock (10 x 200MHz = 2GHz). But your new memory is capa- 
ble of running at 275MHz (DDR550). By dropping your 
processor's multiplier to 7.5X, you could then raise the HT 
clock speed to 267MHz, which would result in about the same 
2GHz CPU clock speed. Your memory, however, would then 
be running 33% faster, resulting in more bandwidth and ulti- 
mately higher performance in some situations. Just make sure 
to lock the PCI-E and PCI clocks to keep other components 
running within specifications. 

The other way you could increase your memory's clock speed 
is to change the memory divider option on your motherboard. 
Because you have one of AMD's latest CPUs and an enthusiast- 
class motherboard, you can change the memory divider option 
and run your memory asynchronously from the HT clock. You'll 
find all of the options necessary to tweak your memory clock 
speed in your motherboard's BIOS under the Advanced, Config 
System Frequency, Voltage section. A 

by Dave Altavilla and Marco Chiappetta, 
the experts over at HotHardware.com 
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Sleek design. Silent operation. Multiple HDD storage bays with noise-supresslng dampeners. 

Zalman incorporated these essential features and more into their latest product. 
Introducing the HD160 - a feature-rich case that lets users experience quieter entertainment. 
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Most Recommended ZALMAN Components for Best Performance 
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D Gamina 



together to improve graphics perfor- 
mance. It greatly accelerates 3D render- 
ing, for example. 



Ultimately, Quad SLI technolog; 
should provide high-definition gamin; 
with impressive resolutions (2,560 : 
1,600) on extremelv large monitors. 



f you're the kind of PC gamer who 
looks at his 21 -inch monitor with its 
1,600 x 1,200 resolution and says, "I 
need more," Nvidia is wav ahead of you. 



Early in 2006 Nvidia began showcas- 
ing its latest high-end graphics technolo- 
gy: Quad SLI. Quad SLI lets four Nvidia 
GPUs within a single svstem work 



Quad SLI Nuts & Bolts 

During its introduction of Quad SLI at 
recent conferences, Nvidia and its part- 
ners showcased a configuration that 
included two separate GX2 boards, each 
of which featured two PCBs. All four 



Quad SLI technology and mother- 
boards initially are appearing only 
in complete PC systems. As of the 
first quarter of this year, a variety of 
North American vendors were tak- 
ing orders for systems featuring 
Quad SLI. Vendors listed here are 
expected to offer Quad SLI systems 
during 2006. (NOTE: Some vendors 
hadn't named their Quad SLI sys- 
tems at the time of this writing.) 



ABS 

Alienware 

Aurora ALX 



Biohazard 

Armageddon 

Cyberpower 

Gamer Ultra SLI Quad 

Dell 

XPS 600 Renegade 

Falcon Northwest 
Hypersonic 

iBuypower 

Gamer Titanium 



Maingear 

Beast 



Overdrive PC 
Polywell Computers 



Velocity Micro 

Velocity Raptor 
Signature Edition 

Vicious PC 

Commando Quad SLI 

Voodoo PC 



Quad SLI Configuration 
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Us communicati 



i each other through a IGBps SLI link (an 8- 
t link running at 1GHz). Each individual GPU 



three; rather, the connection is more like a 

loop among the four chips. For example, 

data communications between two of the 

GPUs sometimes must pass through a 

third GPU to reach the intended GPU. 




Source: Nvidia 



PCBs include an individual power con- 
nector, an Nvidia GPU, and 512MB of 
memory (giving the overall system 2GB 
of memory). Even though the Quad SLI 
system looks like four boards, it's actually 
two GX2 boards (each of which consists 
of two PCBs) that fit into two xl6 PCI 
Express graphics slots. 

Quad SLI By The Numbers 



By putting four GPUs in an SLI sys- 
tem, Nvidia has given gaming systems 



unprecedented power and capabilities. 
The first set of Quad SLI configurations 
makes use of four GeForce 7900 GPUs. 
The capabilities of Quad SLI include: 

• Resolution of 2,560 x 1,600 on a 
30-inch monitor 

• 32XAA 

• 16XAF 

• 48GPps (gigapixels per second) of raw 
graphics performance 

• 6TFLOPS of processing power 

• 96 pixel pipes 



• 2GB of onboard graphics memory 

Whether gamers are willing to spend 
several thousand dollars for a system featur- 
ing Quad SLI remains to be determined. 
Those who do purchase these systems, 
though, will experience a new level of PC 
gaming. It might not be a "quad"-ruple 
improvement over what vou have now, but 
it likely will be close. . 

by Kyle Schurman 




Quad SLI Rendering 



Memory 



GPU* 



Frame number 




Quad SLI can make use of three different rendering processes, 
depending on the situation. 

Working alone (AFR). In AFR mode each GPU renders 

one frame on its own, meaning each GPU would render 

every fourth frame. The driver manages the frame data, 

ensuring that each GPU has the data it needs to complete 

its frame. Upon completion, each GPU passes its frame 

to the output buffer. Then the GPU that's designated as 

the display chip (the primary GPU) manages the data 

passing from the output buffer to the display device. 



Working together (SFR). In SFR mode all four GPUs work together 
to render a single frame. The driver determines which GPU will per- 
form which tasks and passes on the required data. Each GPU also will 
receive enough secondary data concerning the other GPUs' work to let 
it properly finish its portion of the frame, so all four portions mesh 
together smoothly. (Each GPU might not receive the same amount of 
data to process, depending on how the frame will be constructed.) As 
in the AFR mode, the primary GPU then manages the passing of the 
data from the output buffer to the display device. 




Blending both (AFR and SFR). In this mode Quad SLI uses both AFR 

and SFR. Each pair of GPUs within each GX2 board works together to 

render every other frame. The driver handles both the splitting of data 

between the GPUs in the pair and the sending of the data for every other 

frame to each pair. After each pair sends its data to the output buffer, the 

primary GPU controls the sending of the data to the display device. 

With many games the combination of AFR and SFR will be best: SFR 
works well for accelerating applications, while AFR provides good per- 
formance scaling, and this mode often can provide gaming applications 
with the best of both worlds. Each game is different, however, and the 
Quad SLI technology determines the best rendering method to use. 































1 L_ J. 1 L-x ' 4- 




narc nat area white paper 


























Protecting High-Def Content At A Pri 






























steal from a to find a wav to nrotect the content. The nroblem? Mr 






\ A 


hen s 


hoplirters 


>st computer mom- 




\ A 










\ / \ 








\ / \ 


from higher prices. When a viding protection usually end up costing first part of 2006 dc 
ommits insurance fraud, everv- the average user more monev. which for HDCP. which n 






\/ ' 


, 






n t contain support 










thief c 


leans they won't be 














' j 


nsurance 


rates rise. And when appears to be the case here, too, as the able to play HD ni( 












~ ~i 


who crea 


te digital video content media and technology industries pre- resolution or play F 






people 


ID video at all. lo 










feel lik 


z video piracy is cutting into their 1 pare to roll out a protection system achieve HD conten 
and damaging and discourag- called HDCP (High-bandwidth Digital with HDCP, most us 


t that's compatible 










£• 


Ml 1 




pronts 


ers win neeo. to pur- 




^l 


i creative 


process, 1 




1 L 1 J 




ing thi 


:hev re some Content Protection . chase new displav anc 


playback devices. 




° 


1 ' ^ *~> *■ ' 














DCP System 






IHHHH 


II 




IHHHI 


IIIMHHMH 












s basic form, HDCP (High-bandwidth Digital Content directly between the transmitter and receiver tc 
tection) uses encryption to prevent unauthorized devices repeaters and multiple receivers. An HDCP sett 
n tapping into the video as it travels from the transmitter to up to seven levels of video repeaters and 1 28 1 
receiver. HDCP consists of three basic components: An Under some configurations the setup is con 
]P transmitter, such as a DVD player; a digital interface to Upstream Content Control Function, which help 
■y the signal, such as DVI (Digital Visual Interface) or HDMI whether the HDCP setup is authorized to receiv 
jh-Definition Multimedia Interface); and an HDCP receiver, Upstream Content Control Function isn't a part 
h as a TV or monitor. However, HDCP can handle multiple setup; in a PC setup, for example, the control f 
nection configurations, ranging from a simple connection piece of software. ▲ 
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An Introduction To HDCP 

Because HD media is digital, hackers 
can make perfect copies of the content 
using DVI (Digital Visual Interface) or 
HDMI (High-Definition Multimedia 
Interface) alone. DVI and HDMI provide 
high-quality playback for HD video. (See 
the "DVI, HDMI & UDI" sidebar for 
more information.) 

HDCP, however, uses encryption to 
protect digital video content as it's trans- 
ferred from the player to the receiver. 
Devices that aren't equipped with HDCP 
won't be able to play or display the HDCP- 
protected video or will only display it at a 
lower resolution. When manufacturers 



use HDCP in conjunction with the DVI 
and HDMI interfaces, it creates a protected 
link between the output device and the 
display device. HDCP is considered a form 
ofDRM. 

The first version of the HDCP speci- 
fication appeared in early 2000, well 
before most users gave high-definition 
content a first glance. The FCC adopted 
HDCP as a digital output protection 
technology in mid-2004. Intel initial- 
ly developed the HDCP protocol, and 
the Digital Content Protection, LLC 
(an Intel spin-off company) now con- 
trols licensing and oversees development 
of it. To use the proprietary HDCP 



specification, manufacturers must 
obtain a license for a fee. 



As part of the licensing process, 
licensees pledge that they will follow the 
HDCP rules regarding playing of the 
protected content on non-HDCP de- 
vices, meaning that they must play the 
content at no better than DVD quality 
when running it on nonapproved de- 
vices. Products that are compliant with 
HDCP will contain an HDCP Ready or 
an HD Ready logo. 



Play Content With HDCP 

If a user has HDCP-certified hare 
ware, playing HDCP-protected video 



Video Transmitter 
[Device A] 

Generate KSV and 64-bit value 

Use receiver's KSV to 
calculate shared value 

Verify that shared values are identical; check 
whether receiver's key has been revoked 

If everything checks out OK, begin 
transmitting encrypted video 




Video Receiver 
[Device B] 

Generate KSV 



Use transmitter's KSV to 
calculate shared value 



Receive video and decrypt it 



HDCP uses three elements to protect data. 

Authentication protocol. The HDCP transmitter communi- 
cates with the HDCP receiver (as shown above) ensuring that it's 
authorized to receive the protected DVI content. 

As part of its manufacturing process, each HDCP authorized 
device receives a 40-bit binary KSV (Key Selection Vector), 
which serves as the identifier in the authentication process. Each 
device also contains 40 private device keys that are 56 bits each. 

The HDCP transmitter sends an initiation message to the 
receiver, which contains the transmitter's KSV and a 64-bit 
random value that the HDCP protocol generates. The receiver 
then sends a responding message containing the receiver's KSV. 
If the receiver is a video repeater, it must identify itself at this 
point. The transmitter then must ensure that the receiver's KSV 
isn't included on a revoked list. 

Each device then calculates a 56-bit shared value making use 
of its private device keys and the other device's KSV. This value 
is shared and verified by the HDCP transmitter. If the shared 



value is the same for both devices, the HDCP transmitter 
authorizes the HDCP receiver to receive the video data. 

Data transmission/Encryption. During the authentication 
process, the two devices share encryption details, letting the 
transmitter send the DVI content as an encrypted stream that 
only the authorized receiver can decode. 

The transmitting device handles all of the encryption prior to 
sending the video stream. Every few seconds the transmitter 
changes the values the encryption process uses adding protec- 
tion against potential hacking. 

Locking out hacked devices/Renewability. As part of the 
protocol, the video transmitter can detect whether any devices 
inside the HDCP setup have been hacked. The transmitter then 
can lock those devices out, preventing them from receiving the 
encrypted video. 

If the transmitter knows that device keys have been compro- 
mised, new HDCP devices can ship with that information as well, 
locking out the hacked keys. ▲ 



Sources: Digital Content Protection LLC, Octava Inc. 
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content at the maximum resolution 
shouldn't be a problem. For a user run- 
ning non-HDCP hardware, however, 
problems are almost guaranteed. The 
severity of the problems when attempt- 
ing to run HDCP video on a computer 
depend on the piece of hardware or soft- 
ware in use and on the rules the content 
provider chooses. 

Windows Vista. Because the newest 
version of Windows won't be released 
until November 2006 (availability to 
business users) and January 2007 (avail- 
ability to all users), Vista's release will 
coincide with the early stages of HDCP 
product releases. Microsoft has already 
announced that Vista will fully support 
HDCP, and Vista will not play HD 
video at the highest resolution on non- 
HDCP devices. 

Although Microsoft's decision to fully 
support HDCP in Vista has received 
criticism from some members of the 
media and on some Internet message 
boards and blogs, in reality Micro- 
soft had little choice but to follow the 
industry rules and directions concerning 
HD video. If Microsoft chose to not 
support HDCP, the developers of the 



HDCP standard could simply lock 
Vista out; meaning users would not 
have the ability to play HD video on 
Vista computers, even with the correct 
HDCP hardware. 

Furthermore, users hoping to work 
around Vista's HDCP safeguards by 
refusing to upgrade from Windows XP 
will be disappointed; WinXP can't 
play HDCP-protected video at the high- 
est resolution, regardless of the hardware 
in use. 

Graphics cards. Understanding the 
HDCP compliancy of graphics cards is a 
little tricky. Most graphics cards sold in 
the past few years list HDCP compliancy 
in their specifications. However, this 
doesn't mean the graphics cards are 
HDCP certified', instead, it means the 
cards are ready to become HDCP 
certified as soon as the manufacturers 
add the proper chips to the cards. 

Unfortunately, the manufacturers 
must add the chips during the manu- 
facturing process, and very few card 
manufacturers have chosen to include 
the added expense of the chips on their 
cards yet. Because of the way an HDCP 
Ready video card must be manufactured, 



HD vs. Other Formats 



The HD video format joins several other video formats currently in use around the 
world. Here are some of the more popular ones. ▲ 



Video mode* 


Format 


Max resolution 
at 16:9 


Max pixels 

displayed 

simultaneously 


480p 


NTSC 


720 x 480 


346,000 


576i 


PAL/SECAM 


720 x 576 


415,000 


576p 


PAL/SECAM 


720 x 576 


415,000 


720i 


HD 


1 ,280 x 720 


922,000 


720p 


HD 


1 ,280 x 720 


922,000 


1080i 


HD 


1,920x1,080 


2,000,000 


1080p 


HD 


1 ,920 x 1 ,080 


2,000,000 



*With interlaced (i) video each scan pattern refreshes half of the horizontal lines (usually every 
other line); the next scan pattern refreshes the other half of the lines. As long as the refresh rate is 
fast enough, the human eye doesn't notice this process. If the refresh rate is too slow, though, the 
image appears to flicker. 

With progressive (p) video each pass refreshes all horizontal lines, requiring a more powerful dis- 
play. Progressive video doesn't suffer from flicker. 



a user won't be able to add a chip to his 
existing cards to make them HDCP cer- 
tified. The manufacturers will have to 
create entirely new graphics cards with 
the correct components to make them 
HDCP certified. 

Monitor. Very few monitors being 
sold today are HDCP-certified devices. 
(However, HDCP-certified TVs 
available for sale today are much more 
common.) If a user's output device is 
only compatible with one or more of the 
video interfaces most commonly in use 
right now (DVI, HDMI, or VGA), he'll 
almost certainly experience problems 
playing HD video, depending on the 
rules a content provider includes with 
the HD video. With DVI, HDMI, or 
VGA, the provider could choose to 
completely blacken the screen, prevent- 
ing the user from playing a video at 
any resolution, or the content pro- 
vider could choose to play the video at a 
lower resolution. 

To address the concerns of users, 
though, it appears many of the com- 
panies involved in development of 
HDCP are expecting to lower the video 
resolution instead of blackening the 
screen when playing HD video on 
non-HDCP hardware. 



Avoid Frustration 

One major question concerning 
HDCP is whether it's immune to hack- 
ing. This question is particularly relevant 
when considering the lack of success of 
content protection systems vs. hackers 
in the past. Unlike many other content 
protection systems, HDCP includes an 
additional layer of protection through 
which the software can revoke a device's 
keys if that device is hacked. Or if an 
HDCP hack hits the market, content 
providers can revoke the keys used in the 
hack, making it useless. 

However it's still doubtful HDCP will 
be completely immune to hackers. Several 
years ago researchers at Carnegie Mellon 
University found numerous problems 
with HDCP that hackers could exploit, 
for instance. 

Because HDCP video is only begin- 
ning to appear, there still seems to be 



Source: Wikipedia 
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time for those in the media and 
technology industries to alleviate some 
of the potential problems. Whether 
they're able — or willing — to give users a 
break and make some changes to HDCP 



DVI.HDMI&UD 



before HDCP video begins appearing 
with regularity sometime in 2007, 
remains to be seen. 

Otherwise be prepared to break your 
bank account by buying some new, 



high-end hardware that is fully HDCP 
certified if you want to view high- 
definition video content. A 



by Kyle Schurman 



HDCP will work via digital interfaces, DVI and HDMI, to deliver 
HD video. Because DVI and HDMI can deliver high-speed, HD 
video streams at high-end quality, the potential exists for video 
piracy; a user looking to make illegal copies of the HD video can 
use the interfaces to make near-perfect copies. While preventing 
the drawback of illegal copies, HDCP will continue to use the 
benefits of DVI and HDMI. 

UDI (Unified Display Interface) is the newest display 
interface, and it will attempt to upgrade VGA. Like DVI and 
HDMI, UDI will run at high-end speeds and quality, and it also 
will support HDCP. 

DVI. DVI is an older video standard that 
allows a high-speed connection 
between DVI-enabled CE 
devices, such as TVs and 



computers monitors. The 
video stream, even HD video, 
doesn't need any compression 
when using DVI. 

The DDWG (Digital Display Working Group; 
led by Compaq, Fujitsu, HP, IBM, Intel, NEC, and 
Silicon Image) developed the DVI specification. 

HDMI. HDMI is a newer technology than DVI and 
fully compatible with DVI products, but it provides 
many of the same benefits: high-speed and uncom- 
pressed transfer of HD video. HDMI's advantage 
over DVI is its ability to transfer both an audio and 
video signal; DVI only works with a video signal. 

HDMI Licensing oversees the promotion of the HDMI stan- 
dard and the licensing of the HDMI specification. Hitachi, 
Matsushita Electric/Panasonic, Royal Philips Electronics, Silicon 
Image, Sony, Thomson, and Toshiba founded HDMI Licensing. 

HDMI uses a 19-pin connector that's smaller than a DVI con- 
nector. The DVI connector is bulkier than HDMI, making use of 
24 pins and sometimes a ground blade with four additional pins. 

UDI. UDI is a new display interface technology, and the UDI 
Special Interest Group oversees development of the UDI. Version 
1 .0 of the UDI specification should be available in mid-2006. The 
promoter companies in the UDI SIG are Apple, LG, Intel, Sam- 
sung, National Semiconductor, ATI, Silicon Image, and others. 
The UDI SIG says it's developing the UDI specification as a 
replacement for VGA, helping companies and manufacturers that 
are making the switch from VGA to digital standards. 

UDI should work with varying levels of success with HDMI 
and DVI products. It's expected that UDI will provide the option 



of having a common connector to HDMI, which will allow for 
strong compatibility between the two interfaces. Components 
and devices that support both UDI and HDMI will be able to run 
in either mode. If, however, a user plugs a UDI computer into an 
HDMI TV, the audio that's available through HDMI will not be 
available through the UDI computer. 

The UDI SIG is running design tests to make sure that 
DVI-compatible electronics will work with UDI in the future. ▲ 




The DVI connector is bulkier than the connectors 
HDMI and UDI (Unified Display Interface) use. UDI 
will use connectors that are similar in size in HDMI 
connectors, and they will be compatible in many 
instances. UDI is designed to be a replacement for 
VGA, providing a much more streamlined connector. 



Sources: HDMI.org, DDWG.org, UDISIG.org, Silicon Image 
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UD. Is there a better acronym 
to describe the state of PC 
security today? Ask 10 differ- 
ent users ranging from new- 
bies to enthusiasts just how 
dangerous tooling around the 
Web is with Internet Explorer 
or how safe it is to open an 
email attachment from an 
unknown sender or how likely 
it is your system will become 
a zombie without a firewall in 
place, and you're likely to get 
10 different levels of comput- 
er knowledge, ranging from 
incredibly unaware to incredibly educated. 

For many novices there are seemingly more worms, virus- 
es, Trojans, and identity thieves lurking around every PC 
corner than there are stars shining in the sky. Case in point: 
Smart Computing magazine, CPUs older, big brother, offers 
a free technical support program to both subscribers and 
nonsubscribers r www.smartcomputing.com/techsupport ; 
(800) 368-8304]. To the credit of Smart Computing's writ- 
ers and editors and the job they continually do educating 
readers about PC security-related issues, the majority of 
those who call the tech support lines (most callers not being 
power users) for assistance express at least a general knowl- 
edge of the dangers of spyware, viruses, and other nasties. 

Many of those callers indicate they already have protec- 
tion in place in the form of firewalls and antivirus and 
antispyware protection, whether that hardware/software 
was preinstalled on their systems or they added it them- 
selves. Many also know of and religiously use Ad-Aware, 
SpyBot S&D, ZoneAlarm, and other free tools. But there 
is also a sizeable segment of users who are quick to blame 
any shortcoming their computer is suffering from on spy- 
ware, malware, Trojans, or more — whether the actual 
problem is something as security-unrelated as out-of-date 
graphics card drivers or insufficient installed RAM. And 
you have to believe those users represent an even larger 
segment of the overall computing population who are 
somewhat informed but also uninformed as to what real 
security dangers and symptoms really consist of. 
That's where the FUD comes in. 

Power users, of course, know that rela- 
tively safe computing is the result of a 
proactive blend of preparation, a 



little common sense, and a line of defense consisting of 
up-to-date weapons with which to battle the enemy. 
Unfortunately for even power users, the crackers and 
hackers who are the enemy are also power users who are 
typically just as smart, just as knowledgeable, and just as 
able to draw upon their own computing wisdom. The one 
overriding characteristic these power users possess that the 
majority of power users don't, however, is a streak of 
maliciousness they're willing to act upon. 

To that end, we present a series of articles this month that 
bring power users up-to-date about what's occurring in the 
PC security segment. Our coverage, of course, includes infor- 
mation on viruses, Trojans, spyware, phishing, and other 
obvious threats but also a security hardware roundup (page 
70); a comprehensive look at rootkits, the hacker's current fla- 
vor of the day (page 56); and a look at a theory that some 
antispyware makers are actually spyware perpetrators looking 
to turn a profit (page 48). Additionally, we have detailed the 
actual process a malicious user might use to spread a Trojan 
(page 60), information that is scarily only a Web search away, 
as well as data on hackers' increased reliance on social engi- 
neering techniques in the face of users installing better protec- 
tion, as Ronald O'Brien, a senior security analyst at Sophos 
told us: "(Hackers have) had to become quite sophisticated 
about how they get into a system . . . because so many people 
now have protection at the endpoint, there is a much greater 
dependence on social engineering techniques in order for 
these attacks to be successful." 

No matter where you fall in terms of computing experi- 
ence, PC-security threats are something we'll likely have to 
deal with from here out. Several studies would bear this out, 
including a "Corporate Anti-Spyware Market, 2006-2010" 
analysis from The Radicati Group, which forecasts that 
worldwide revenue from gateway- and desktop-level segments 
of the antispyware market will grow from $214 million in 
2006 to a whopping $1.4 trillion in 2010. More recently, 
McAfee researchers reported that the use of stealth technology 
(think rootkits) in malware/adware apps increased 600% in 
the last three years and nearly 700% in Ql 2006 from 2005. 

Perhaps the saddest fact of all is that whether you are a 
novice, power user, or fall somewhere in between, you 
are part of the PC-security war, whether you want to be 
or not — that is, if you want to keep your system opera- 
tional, your identity your own, and your information 
away from prying eyes. A 

by Blaine A. Flamig 
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Understanding The Plague 
That Is Qpyuiare 




magine that your computer is no longer 
your own. Someone has commandeered it 
to make himself rich at your expense. 
Eventually, your system may stop working 
or become so erratic and sluggish that 
you're forced to wipe it clean and reload 
it — only to have someone else hijack it later 
on. If you're really unlucky, it won't just be 
your computer that gets mulcted, but your 
passwords, bank account, phone bill, and 
possibly your credit rating. And all this 
happened because you clicked a pop-up ad. 
Chances are you don't have to imagine such a scenario; it's 
probably happened to you or someone you know. It's a scene 
playing out thousands of times a day around the world, thanks 
in great part to the profit-at-any-cost software scourge known as 
spyware or malware. 

Defining Spyware 

What exactly is spyware anyway? In short, it's a catchall term 
for programs that load into someone's computer, usually either 
against his will or without warning in an attempt to turn the 
rig into a money-making tool for a third party. This attempt 
usually consists of subjecting the user to unwanted advertising, 
but it takes many other forms, which we'll discuss later. Four 
key criteria describe the vast majority of spyware apps: 

1. They're unsolicited. Spyware generally loads without the 
user's explicit consent, usually through an unsecured Web 
browser (typically a pre-Service Pack 2 edition of Internet 
Explorer 6). In some cases, spyware asks for consent to load 
one item but then loads many others. In the vast majority of 
cases, you don't know something was loaded until it's too late. 

2. They're after your money. Spyware is designed to turn rev- 
enue for its creators. The exact form varies, but it usually 
involves annoying and difficult-to-ignore advertising. 

3. They violate your privacy. Many spyware apps silently record 
your Web browsing habits, turning that into money by sending 



you targeted ads. Because only you should be privy to what 
you're browsing, this is obviously highly invasive. 
4. They're self-obscuring. Spyware hides itself, and in this sense, 
it's a great deal like a virus. Removing it often requires 
detailed knowledge of the spyware in question, as the actual 
spyware rarely provides you with an Add/Remove Programs 
entry. When it does, it often only removes the most obvious 
signs of its presence; it's usually still there, waiting to reacti- 
vate whenever it can. 

Consider any program that meets three of these four criteria 
(or No. 2 and No. 3 alone, really) spyware. The one thing that 
distinguishes spyware from almost every other computer prob- 
lem is that its purpose is to make money for its creators at all 
costs and at the expense of your privacy and your computer's 
stability and security. 

Symptoms Of The Disease 

Because spyware conceals itself from you, what we usually see 
isn't the spyware but symptoms of its presence. Most symptoms 
first show up in your browser via the following: 

1. Pop-up windows that won't disappear. This is the most com- 
mon symptom. If you're seeing pop-ups you didn't summon, 
check for spyware immediately. 

2. Changed/redirected browser Start or Search pages. Many 
spyware apps try to force your browser to go to some kind of 





Do you want tc - 






1^1 










" signed or " 


.;:..''.:: .. . ■ ' . 



■:.!•:■:. 'r.-.tax-i;. Ivied"!:.! ;<.'... b::ah tlic'J: thi: ;,;;.■■:■:?. ■■: ; 
'• :;:. ::!•!■::!, I::i :;dy i,""t:;--:i lA'ii?".',' Ih: :;:rt:;;ct: ■■ ;■■■::!,! in.;;; 
■ . '•>.: : . .. -.fii ■ . ■ 



-. :: ;■[ ;-:-,-; : 



j I More Info | 



This is the sign of spyware 
attempting to install itself 
through a Web browser 
via an ActiveX control. 
Note the "scare warning" 
that attempts to trick you 
to click Yes, even though 
the component installed 
will do nothing to address 
the problem described. 
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The newest versions of Internet Explorer 
have far better defenses against installing 
components loaded from a Web page and 
slightly more detailed information about 
what's to be installed and why. 



ActiveXHelper provides detailed 
information about all the ActiveX controls 
that are installed in your computer and 
lets you disable any suspicious ones. 



monetizing search engine that is 
designed to lead you nowhere except 
to those who want your money. Spy- 
ware can also hijack IE's search func- 
tion this way. 

3. Spontaneous redirects. If you're brows- 
ing one page but suddenly find yourself 
at another, such as a bogus search en- 
gine, spyware is probably at work. 

4. Ad links on Web pages. Some spy- 
ware apps don't throw hordes of pop- 
up windows at you but instead do 
things like insert ad links into Web 
pages that weren't there before. If 
you're trying to author a Web site, for 
instance, and if you or other people are 
seeing ads you didn't put there, spy- 
ware may be present. 

5. Browser add-ons. Spyware may show 
up as new program toolbars in IE that 
you may or may not have installed. 

6. System Tray apps or Desktop icons 
you've never seen before. This is 
becoming less common as spyware 
does more to remain invisible, but it 
happens and should set off alarm bells. 

7. Other unexpected behaviors. Spyware 
makers are getting more devious and 
nasty, so this is by no means an ex- 
haustive list of all the symptoms you 
might experience. 

Aside from annoying behavior changes 
and personal information that could be 
exposed to third parties when spyware 
hits, there's a whole host of other nega- 
tive effects that spyware has on your 
computer. Most are instantly familiar to 
anyone who's suffered from them: 



1. Bad system performance. The system 
slows down horribly, especially the 
Web browser, typically the main vec- 
tor for spyware. Plus, constantly hav- 
ing to close stupid pop-ups slows 
down your performance. 

2. Instability. System crashes or inex- 
plicable lock-ups due to improper 
interactions between spyware and the 
rest of the system. Spyware apps are 
written to make money, not to play 
nice with your computer, so their cre- 
ators have no incentive to write sane, 
stable apps. 

3. Vectors for other problems. Spyware 
can bring in more spyware to your 
system and create security holes that 
bring in actual viruses. 

The majority of tech support calls that 
PC vendors log involve instabilities or 



changes in behavior due to spy- 
ware. Unfortunately, tech sup- 
port technicians often can't offer 
much more detailed advice than 
wiping the system clean. If that 
takes the computer back to a 
pre-SP2 state, the system is vul- 
nerable all over again. 

Sources Of The Scourge 

How does spyware infect most sys- 
tems? There are three common ways: 
l.Ad banners. Many sites that use 
unscrupulous ad vendors play host to 
spyware-delivery systems. An IFRAME, 
the part of a Web page that loads inde- 
pendently of everything lese, usually 
hosts ads, so the ad can contain any sur- 
reptitious data the ad vendors want. All 
a user has to do is use an insecure 
browser to visit a page with a spyware- 
loading ad on it and he's hit. 
2. Trick downloads. Spyware is often 
bundled with another, apparently 
innocuous free download or packaged 
in the form of a program that does 
good things for your computer, such as 
a spyware scanner or system-cleaner 
tool. (See the "Fighting The Fire, 
Feeding The Flames?" sidebar for 
more.) Many P2P file-exchange pro- 
grams bundle downloads like this and 
justify including it through provisions 
in the EULA. Such EULAs are usually 
designed to be difficult to read, com- 
pelling people to just click through 
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ShellExView, a brother to ActiveXHelper, gives you a list of all 
BHOs and shell extensions currently installed and also places 
where adware loves to nest and breed. 
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Ad-Aware, probably the first professionally produced 
antispyware program, still does a very good job of scanning 
your system for problems in its free incarnation. 
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Spybot Search & Destroy not only scans for existing spyware 
but also proactively blocks components known to be bad from 
ever getting installed in IE in the first place. 



them without understanding what 
they're getting into. 
3. Ad-supported shareware. Some share- 
ware uses ad components that often 
show up as spyware. Some of these ad 
systems are perfectly legitimate, but it 
can be prohibitively difficult to tell 
which ones are and aren't. 

Cashing In 

Ad banners aren't the only way spy- 
ware applications try to make money. 
Other tactics include: 

1 . Affiliate fraud. If a Web site uses an 
affiliate program, such as Amazon 
.corn's referral system, some spyware 
programs hijack the referral informa- 
tion on the fly and resubmit it so that 
the referral goes to the spyware's 
authors, not to the actual referrer. 
This isn't something most end users 
notice, and it's almost invisible to 
most affiliates who get their clicks 
stolen in this fashion. 

2. Identity theft and phishing. Spyware 
doesn't shy away from using some of 
the dirtiest tricks of the Internet age. 
The infamous CoolWebSearch spyware 
family of apps harvested everything 
from bank account information to site 
passwords; after their malfeasance was 
made public, the FBI stepped in. 

3. Wire fraud. Modem users get hit with 
this one a lot: A spyware app silently 
dials out to a long-distance or overseas 
phone number and runs up massive 
charges on the victim's phone bill. 
Fortunately, this variety of scam is on 
the way out, as fewer people are using 
dial-up connections. 

If spyware is lucrative, just how lucra- 
tive is it? Exact estimates of how much 
money spyware generates is difficult to 
come by, but best guesses put it in the bil- 
lions annually. Before major crackdowns 
on spam got underway, spam was equally 
big business, although its slice of the pie 
has been mercifully dwindling. As many 
people are still terribly vulnerable to spy- 
ware, the bulk of the money may have 
shifted from spamming people en masse 
to deploying spyware. It's much harder to 
guard against spyware than it is to delete 
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unwanted Viagra ads, and it probably 
generates more money, too. 

The Virus Connection 

The spyware phenomenon shares so 
much in common with how viruses are 



created and operate, it's tempting to 
lump the two into the same category. 
However, they are as different as they 
are similar: 

1. Fortune over fame. Most virus writ- 
ers create a virus and release it into 



the wild to make a name for them- 
selves. Spyware is created primarily to 
make money, either through gray- 
area advertising or through illegal 
keylogging and information-harvest- 
ing techniques. 



The good news is that you can get excellent protection against 
spyware without having to pay a dime. At least three of the best 
antispyware apps have free versions for personal use and are 
updated religiously. Many people run more than one antispyware 
program to acquire a larger range of coverage. For example, 
Ad-Aware catches some things that Spybot doesn't, and vice 
versa. However, keeping more than one antispyware solution on 
your computer may not be a good idea in the long run as anti- 
spyware programs grow more complex and intricate. 

Free Applications 

Here's a look at some of the best free apps available: 
Ad-Aware ( www.lavasoft.de ). Ad-Aware was probably the first 
antispyware program of note and remains one of the best 
thanks to its sophisticated scanning engine. It can scan an 
entire system (slow but thorough) or look at crucial system 
locations where most spyware infections would show up 
(fast). A commercial version has more features, such as 
proactive ad blocking, but the basic version is fully functional. 
Google was fond enough of Ad-Aware that it gave it a place of 
honor in its Google Pack suite ( pack.google.com ). 
~ Spybot Search & Destroy ( www.safer-networking.org ) . SpyBot 
is free forever thanks to its author's diligence, and the app is 
updated regularly with new patterns and scanning functions. 
SpyBot can proactively and unobtrusively block known bad 
components before they infect your computer. It also provides 
skilled users with a plethora of tools for protecting against and 
undoing spyware damage. Less technical users can simply 
push a button and scan. 

Microsoft Windows Defender ( www.microsoft.com/athome 
/security/spyware/software/defaultmspx ). Still in Beta 2 at 
this writing, Defender is remarkably robust and powerful. It 
integrates tightly with Windows— for example, Automatic 
Updates deliver the program's pattern files— and sets up 
various real-time protections against new infections. 
Defender doesn't scan for browser cookies, unlike many 
competitors, because you can manage those manually. 
Defender concentrates on more stubborn problems. The 
app also reports sanitized data about its findings (for exam- 
ple, no personal data is logged) on an opt-in basis. Micro- 
soft provides Defender free to licensed Windows users and 
will do so after it's finalized. 



Suites & For-Pay Programs 

If there are so many good, free spyware programs, why pay 
for one? Because for-pay programs come in suites that pro- 
vide protection against other threats. We detailed numerous 
such programs in April's 2006 CPU (page 72), but here's a 
quick rundown: 

• Aluria Security Center 4.0 ($59.95; www.aluriasoftware 
.com ). The best thing about Aluria is how it scans for virus- 
es and spyware as a single, unified threat. Given how per- 
sistent some spyware is, it's not surprising that Aluria 
takes this approach, and many vendors are following suit. 

• McAfee Internet Security Suite 2006 ($49.99; www.mcafee 
.com ). Another suite that merges spyware and virus scanning, 
along with protection against worms, Trojans, and scripts. 
McAfee refers to these collectively as PUPs, or potentially 
unwanted programs. 

• Norton Internet Security 2006 ($69.99; www.symantec.com ). 
Norton's AntiSpyware product is, not surprisingly, part of 
Norton Antivirus' general regime of system protection. 
Symantec also lets you buy and add additional suites (such 
as SystemWorks) that elegantly snap into the product. 

• Trend Micro PC-Cillin ($49.95; www.trendmicro.com ) . 
One of the best antivirus suites around now also sports 
antispyware and a slew of antifraud browsing-security 
features (antiphishing, sensitive-data control, etc). 

• ZoneAlarm Internet Security Suite ($49.95; www.zone 
labs.com ). Of course, ZoneAlarm is of one of the best and 
most widely used personal firewalls around, but ZoneLabs 
recently added antispyware to the mix, so existing users of 
the ZA freeware can upgrade to the full product and add that 
in seamlessly. 

Bonus Tool: CoolWebSearch Shredder ( www.trendmicro.com 
/cwshredder ). Bad news: The infamous (and dangerous) 
CoolWebSearch is like the chest cold of spyware apps, bother- 
some, persistent, and next to impossible to get rid of. Good 
news: Trend Micro has a standalone utility that does nothing 
but root out and destroy all variants of CWS. Best news: It's 
free and small enough to store on a USB flash drive for quick 
system repair. Keep it handy if this monster attacks you or 
someone you know. ▲ 



CPU /June 2006 51 



spotlight 





Quick scan 

Start time: 5:08 PM 

Time elapsed: 00:00:55 

Objects scanned: 



Status 




Last scan: 
Scan schedule: 

•:>■■: :;■*:: ;: ::.::::.:;:■" 
Signature version: 


":: . I.':/: : ' \ .. :: . :,::.-■ 

Daily at 2:00 AM. 

On. 

114.13G1.ebui! 1 5:08 AM. 



Microsoft's antispyware program is simple, unobtrusive, 
and tightly integrated with the rest of Windows. 















1 


Anti-Spywarc 














% 






X 


•1 


L 




*J 


Arti -Virus 


9 

Anti-SPAH 


W> 






File View 


Options Tools 


Help My Anti-Spy 


*are/Anti-Virus 








leScan 










► ! Prevention 




Welcome to Aiuria One 

W Welcome to the Aiuria OneS 
)*■ of your computer, click 

One Scan will identify and re 


Scan! 

can. To run a s 


Status ▼ 


1.2,12 

Scan Engine: 
Spy ware: 1.3.06 

Anti-Virus: v4.305 

Definition Version: 
Spyware: 01-26-2006 

Anti-Virus: 01-26-2006 

Last Scan: 
1/27/2006 




l-(.' 


Scan No. | 




Vj \ 




1 1 


|0B 


I Want To ► 




Resources ► 





Aiuria scans for both spyware and viruses as one threat. 



2. Spyware authors learn from virus 
authors. The technology that viruses 
use has grown incrementally more 
sophisticated in the last few years and 
still relies on exploiting many of the 
same basic techniques: user gullibili- 
ty, buffer overflow conditions, and 
more. Spyware, however, is using 
more explicitly virus-like tricks to 
gain an upper hand, including poly- 
morphism (such as disguising a 
program's code to keep it from being 
recognized), stealth behaviors (mak- 
ing the app hard to detect in the first 
place), etc. 

Many of the same techniques used to 
catch viruses, such as signatures and pat- 
tern files, can be used against spyware. 
Originally, most spyware scanners 
depended explicitly on pattern files, or 
looking for specific files or Registry 
entries, to confirm the existence of 
pieces of spyware. Now that spyware is 
getting sneakier, spyware scanners must 
use more advanced techniques, such as 
the heuristic technologies that virus 
scanning uses. 

It's hard to say if spyware or viruses are 
worse. They are both bad, but they pre- 
sent two distinctly different kinds of 
bad. Many viruses destroy data, and if you 
don't have the data backed up, there's 
no getting it back. People who design 
spyware, however, are aggressively inter- 
ested in money and who will do almost 



anything to get it, such as steal personal 
data and use it to run up a tab somewhere. 
For those reasons spyware is consid- 
ered as grave a threat as viruses by most 
security-conscious users. This goes dou- 
bly for the newest breeds that use root- 
kits, another technique the virus/Trojan 
world has adopted freely. Rootkits take 
enormous steps to hide not only from 
the end user but from the operating sys- 
tem, making them virtually impossible 
to detect conventionally. Originally, they 
were used to provide a stealth backdoor 
to a computer without the user's consent 
or knowledge, but the cloaking technol- 
ogy that rootkits use are now being used 
in many other places, including spyware. 
Most antispyware programs can't yet 
detect or block rootkits, either. (See the 
next article in this section for more 
on rootkits.) 

(In)Direct Connections 

One of the dirtier secrets of spyware is 
how many legitimate companies have 
their products or sites pitched to people 
through a spyware app's ads, which, in 
turn, makes those companies look bad. 
People who book such advertising space 
usually do so through third-party bro- 
kers, so some aren't always aware spyware 
is advertising their products or services. 

Sometimes, these connections ensnare 
people who should know better. Ben 
Edelman, an antispyware activist who 
conducts research and reports into the 



spyware phenomenon, reported that 
Yahool's Overture advertising service 
had tenuous links to a spyware-driven 
scam that generated money via ad-click 
fraud. Yahoo! was being tricked into 
charging advertisers click fees for fake 
traffic, no thanks to a spyware program 
that was written to take advantage of 
Yahool's ad networks. (You can see 
Edelman's full report at www.benedel 
man.org/news/040406-1.html .) 

In a similar case, Google is working 
to settle a class-action lawsuit against it 
that alleges its ad rates were artificially 
inflated due to unscreened click fraud. 
The Center for Democracy and Tech- 
nology has published its own report, 
"Following the Money" ( www.cdt.org 
/privacy/20060320adware.pdf ) that 
examines how many legitimate compa- 
nies are inadvertently (and sometimes 
not so inadvertently) fueling the spy- 
ware problem with their ad dollars. The 
biggest problem is the sheer complexity 
of the network of advertisers, brokers, 
and ad-affiliate systems, which obscures 
the real guilty parties. 

Although many states are contemplating 
or have passed legislation criminalizing spy- 
ware, there are two problems with such 
bills/laws. First, some provisions may be 
very difficult to enforce effectively or may 
be unfairly broad. Second, most laws ignore 
or downplay the connections between spy- 
ware companies and their funding, possibly 
thanks to influence by lobbyists in the 
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online ad space. California's SB 1436 bill 
was widely criticized for being defanged in 
this manner. Most tech experts aren't con- 
vinced legal measures will do more than 
provide token protection anyway. 

It's becoming clear that spyware isn't 
just fleecing those whose computers it 
gets installed on; it's hurting everyone. 

Swab The Deck 

Spyware is often difficult to remove 
due to the ingenious ways it hides or 
tries to cover its tracks. Usually, people 
can remove common spyware varieties 
by scanning with an antispyware app 
and following its recommendations. But 
as spyware gets sneakier and nastier, 
users must use more technical means, 
such as booting and scanning in Safe 
Mode, erasing the System Restore repos- 
itory, and performing manual edits on 
system files. 

In a presentation at the InfoSec World 
Conference in April 2006, Mike Danseglio, 
Microsoft security solutions program man- 
ager, claimed that business should set up 
system-imaging solutions — in other words, 
automated ways to wipe and reload a sys- 
tem — as the only practical way to deal with 
malware. For businesses where data gener- 
ally isn't stored on individual machines, 
this is actually fairly sound advice. But for 
end users, it's a ghastly hassle to wipe and 
reload on demand. 

As one response to the growing com- 
plexity of the cleanup problem, many 
makers of antispyware and antivirus pro- 
grams are merging their approaches. 
Aluria, makers of an antivirus and anti- 
spyware defense product, have a One- 
Scan feature where both types of threats 
are scanned for in one pass. This isn't 
just a time-saving measure; the antivirus' 
heuristics engine can also help detect 
spyware if it tries to disguise itself 
or appear in forms not detectable with 
pattern files. 

Lines Of Defense 

The best way to clean up from spyware 
is to never get infected in the first place. 
That means tightening your system's 
defenses against spyware and reducing the 
risk of getting exposed to it. The first step 
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ZoneAlarm, one of the original personal firewalls for the 
PC, now has antispyware protection. 
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is technical, and many strides have been 
made in the last year or so to reduce the 
total "attack surface" for spyware in 
Windows. The second is behavioral, and 
therefore harder to change. 

Any WinXP user should not be run- 
ning anything less than SP2 with its secu- 
rity upgrades and changes to IE, which 
makes it that much harder for spyware to 
get a toehold. Much has also been made 
about switching to another browser, such 
as Firefox, but there are still many third- 
party programs and system components 
that render Internet content through the 
IE engine. AOL Instant Messenger is one 
such application. Changing the browser 
you use won't necessarily change the 
browser those programs use, so make sure 
you toughen up IE, as well. 

Antispyware programs also have their 
own lines of protection. Spybot Search 
and Destroy, for example, has an Im- 
munize function for IE that proactively 
blocks known bad products against being 
loaded or executed by using a technique 
native to IE. This is done mostly by pre- 
venting IE from running any known bad 
objects in a class of ActiveX BHOs. 

Aside from the BHO analyzer that's in 
Spybot, a couple good third-party apps 
were written specifically with BHOs in 
mind. NirSoft's ActiveXHelper ( www. 
nirsoft.net/utils/axhelper.html ) can help 
quickly decipher which BHOs are legit 
and which aren't. To get an overview of 
all the shell extensions (including BHOs) 
installed in Windows (including any that 
might be malware), check out NirSoft's 
ShellExView ( www.nirsoft.net/utils/shex 
view.html ). The program can debug some 
IE crashes caused by malware. 

Break Bad Habits 

If the biggest vector for spyware is bad 
Web sites, part of the solution to the spy- 
ware problem is giving people a sense as 
to how unsafe a given Web site may be 
before you go there. SiteAdvisor.com, a 
site-research community, has been using 
automatic Web crawling and controlled 
user browsing and feedback to build a 
massive database of known good sites that 
don't host spyware or other problems, 
such as phishing scams. 



If you install SiteAdvisor's free brows- 
er plug-in (available for Internet Ex- 
plorer and Firefox), it checks any sites 
you visit against its database. Sites 
known to host spyware pop up a warn- 
ing, and search results from Google or 
Yahoo! can optionally have "good site" 
and "bad site" icons automatically ap- 
pended to them. The IE version is a lit- 
tle more aggressive with warnings; it 
pops up a pointer balloon over the page 
to show that the warning is coming 
from the browser and not from a pop- 
up on the page itself. In keeping with 
wanting to maintain a good netizen 
image, no personally identifiable infor- 
mation is ever transmitted. If you want 
to comment on a site, you can submit 
information to SiteAdvisor. If you run 
into a site listed in its database, you can 
comment on it, as well. 

The idea is solid, and the plug-in 
doesn't seem to create more problems 
than it solves; it is stable and relatively 
unobtrusive. Whether users actually 
widely adopt it is another story: It's a lot 
harder to change users' browsing habits 
than it is to get them to install a service 
pack. If the description intrigues you, 
give it a try. If it works for you, recom- 
mend it to others. A little pressure can 
change a lot. 

The End Of The Road? 

Spyware started in part because of 
easily exploited deficiencies in the way 
Web browsing and software programs 
work. Changes in IE and Windows are 
in progress to help fill those holes. With 
better OS and application security, it's 
possible to see a future where spyware as 
we know it simply won't work anymore. 

That doesn't mean, however, that 
computer crime or exploits will stop. It 
also doesn't mean that unsavory connec- 
tions between shady online ad firms and 
their clients will vanish overnight. But it 
could mean the end of drive-by infec- 
tions where you're punished with a spy- 
ware infection for merely visiting a Web 
site or installing an application. That's 
well worth looking forward to. A 

by Serdar Yegulalp 



Fire, Feeding 
The Flames? 

Are antispyware creators actually 
responsible for creating and releas- 
ing spyware just to give their pro- 
grams something to do? Even people 
who don't normally entertain far-out 
conspiracy theories seem to be giv- 
ing this idea credence. It's a little like 
one of those movies about a drug 
company releasing a disease so it 
can sell the cure. 

But is there any truth to it? To get 
a straight answer, we turned to Mark 
Russinovich of Sysinternals.com, a 
respected and knowledgeable Win- 
dows maven who understands the 
guts of Windows. Russinovich is the 
man who broke the word about Sony 
surreptitiously placing DRM-enforc- 
ing rootkits on audio CDs, and he 
helped force Sony to take the discs 
off the market. 

In an article titled "The Antispy- 
ware Conspiracy" ( www.sysinternals 
.com/blog/2006/01 /antispyware- 
conspiracv.html ), Russinovich 

researched the subject in detail, 
coming to two conclusions: No, 
major antispyware makers aren't 
responsible for releasing spyware, 
but numerous smaller, dodgier pub- 
lishers are. Russinovich identified 
three antispyware applications — 
Spyware Cleaner, SpywareStormer, 
and SpySheriff— as being suspect. 
All were sold through pop-up ads, 
and in each case it was very difficult 
to tell who actually wrote the app. 
They all also operated selectively, 
deliberately ignoring spyware that 
the same people providing the 
cleanup applications wrote. 

Your best defense against such 
nonsense is a top-shelf antispyware 
program and good browsing and 
PC-security habits. A 
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f you thought Internet viruses, spyware, 
spoofing, and hack attacks were as bad as it 
could get, think again. There exists another 
variety of computer threat that operates in 
such silence and secrecy that most people 
never know they've been hit until long after 
it's too late. This threat is the rootkit, which 
thankfully is beginning to get wider notice 
now that it has crossed over into Windows 
from the Unix world. 

The Root Of The Problem 

Let's start by defining some terms. A rootkit is any program 
that works in the following ways: 

1. Invasively. A rootkit enters your computer under false pre- 
tenses, perhaps masquerading as another program or through a 
"silent install." 

2. Invisibly. Rootkits take extraordinary measures to cloak them- 
selves, not only from the user, but from the operating system 
as a whole. The file system can't see the files that comprise the 
rootkit, and even if the files are exposed, they may be encrypt- 
ed or polymorphic. (They scramble themselves to avoid detec- 
tion, for example.) 
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This screen shot shows sample output taken from 
RootkitRevealer, which finds all files and Registry entries 
concealed from the OS. The hidden files listed here are 
actually legitimate Windows system files, but malicious 
code might also turn up in such an inspection. 



3. Unauthorized. Once rootkits install themselves, they proceed 
to do things you most likely would never want happening. 
This can consist of anything from logging keystrokes and for- 
warding them to a third party to hijacking data (the contents 
of a browser's cache or email, for instance) to interfering with 
the normal operation of the computer. 

Some people are willing to define a rootkit as nothing more 
than a tool that's designed to conceal itself and other processes or 
data on a system, but the majority of rootkits in the wild aren't 
simply proof-of-concept lab toys. They're malicious and trouble- 
some beasts, and if you encounter one, you need to know what 
you're up against. 

The "root" in rootkit comes from the Unix world, where 
the system administrator account is called root. If a Unix serv- 
er is hacked or compromised from the outside so that an arbi- 
trary user can run commands as root, this is referred to as 
"having the server rooted." The original root kit was probably 
a set of common Unix utilities that were hacked so as not to 
leave traces on the system they were run on. Among these were 
tools for changing account passwords; if the password list was 
compromised invisibly, anyone could have access to the com- 
puter in question. 

Rootkits and viruses share a lot of common ground, espe- 
cially in terms of how they work, but they differ in their 
deployment. Rootkits are usually deployed to silently take over 
a particular system, such as a computer containing sensitive 
data that someone else wants (logins, files, keystrokes, data, 
etc.). Viruses, conversely, spread freely and promiscuously and 
try to do as much damage on multiple systems as possible. 
Rootkits are generally deployed on one system at a time and 
don't propagate very much. However, viruses are now starting 
to use rootkit-style concealment, and there's at least one spy- 
ware application (a variant of the infamous CoolWebSearch 
program) that cloaks itself from the user and the OS with 
rootkit-style evasion. 

Digging Its Fingers In 

Rootkits generally work in one of three ways. A kernel root- 
kit plugs directly into the core of the OS — the kernel — and 
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adds code that prevents the kernel 
from finding out about it. One of the 
most common ways it does this is by 
attaching to the part of the kernel that 
handles file I/O; if the rootkit can screen 
all file operations going on in the system, 
it can ensure that the rootkit's own com- 
ponents never show up. This is a bit like 
a gang of thieves running a tollbooth: If 
they see a fellow gang member driving 
up, they let him through without paying, 
but everyone else still has to pony up. 
Thieves can pass through the gate unde- 
tected because they're secretly running 
the whole show. 

Library rootkits work a little higher up 
in the OS but use something of the same 
methodology. They intercept calls to 



common system functions that might 
reveal their presence. Application rootkits 
swap out whole programs with versions 
that have been specially compromised, 
often as a way to deliver the rootkit into 
the system to begin with. If you run a 
program that seems like the real thing but 
is in fact a rootkit-compromised phony, 
you've just infected your system with no 
way of knowing it. 

Because rootkits take so many steps 
to hide their tracks, just knowing you 
have one at all is half the struggle of 
dealing with it. If you are technically 
inclined, a good book on how Windows 
rootkits work is Greg Hoglund and 
James Butler's "Rootkits: Subverting the 
Windows Kernel." 
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Virtually Undetectable? 

Like virus technology, rootkit technol- 
ogy is constantly moving forward, and 
those who investigate how rootkits work 
are trying to stay one step ahead of the 
competition. One example of a rootkit 
concept that hasn't yet come to light, but 
which has been implemented at least pro- 
visionally in the lab, is what's been called 
a VMBR (virtual machine-based rootkit). 

Virtual computing, of course, involves 
running a PC inside a PC, with its own 
OS and virtualized hardware. Programs 
such as VMware and Microsoft Virtual 
PC use this technology. Experts love 
using virtual machines as test-beds and to 
run software in controlled environments. 
The PC within the PC is referred to as 
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the guest system; the PC running the vir- 
tual machine is the host. 

A VMBR would use this technology 
in an incredibly sneaky way. When 
installed it would take control of the 
boot sequence in the PC and force the 
VMBR to boot first. Then the VMBR 
would run as a host and load your regu- 
lar OS as a guest, inside it. This way the 
VMBR could completely control every 
aspect of how the OS runs from the out- 
side. A malicious user could then capture 
and report every piece of information on 
that machine, from keystrokes to net- 
work data, without the user ever know- 
ing a thing is wrong. The system could 
also be easily tricked into never seeing 
the presence of the VMBR itself. 

Thankfully, VMBRs don't exist out- 
side of proof-of-concept designs, but if 
you're curious, a detailed paper by several 
University of Michigan and Microsoft 
Research engineers on the mechanics of 
a VMBR ( www.eecs.umich.edu/virtual 
/papers/ki ng06.pdf ) is interesting reading. 
Other researchers, however, such as 
Hoglund, are skeptical as to how practical 
this is in the real world, as it does require 
a lot of work to implement. 

Sony's Sedition 

Amazingly, neither a lone-wolf hacker 
nor the criminal underworld was respon- 
sible for distributing the single most infa- 
mous rootkit infestation to date. Instead, 
it was entertainment conglomerate Sony 
BMG that was responsible for distribut- 
ing a rootkit as part of its purported war 
against music piracy. 

Mark Russinovich, author of the 
RootkitRevealer tool (more on this app 
later), initially unmasked the whole mess 
while testing the tool on one of his own 
systems. In a report that he wrote about 
the incident ( www.sysinternals.com/blog 
72005/ 10/sony-rootkits-and-digital- 
rights.html ), Russinovich found many 
things that were cloaking themselves 
from the OS and didn't seem part of any 
known software product. After some 
more digging, he found several hidden 
components digitally signed by a compa- 
ny called First4Internet, makers of a 
copy-protection system known as XCP. 



But where had the components come 
from? When Russinovich inserted a Sony 
BMG CD marked with the "Content 
/Copy Protected" logo into the PC, it start- 
ed a standalone music player that played 
copy-protected versions of the music on the 
disc. (Another Japanese entertainment 
giant, Avex, tried a similar copy-protection 
mechanism on a number of its CDs but 
eventually abandoned the idea.) 

However, Russinovich's protected disc 
also silently installed the XCP system to 
the computer without telling the user. 
This prevented the CD in question from 
being ripped or copied, but it also con- 
tributed to system instability and created a 
whole host of other problems. Things got 
worse: Not only was Sony BMG surrepti- 
tiously loading software (potentially unsta- 
ble software) into people's computers, it 
came with no way to remove it. None of 
these inconvenient facts were disclosed in 
the product's licensing agreement, either. 

Russinovich's article touched off a 
firestorm of controversy that ended with 
Sony BMG eventually abandoning the use 
of XCP and setting up a settlement for 
those who it had aggrieved ( cp.sonybmg 
.com/xcp ). One of the ironies of the 
rootkit is that despite it being difficult to 
trace and remove, it was extremely easy to 
prevent from being loaded in the first 
place. Holding down the SHIFT key 
while inserting the CD prevented Autorun 
from triggering on a CD and thus stopped 
the rootkit from installing. 

This is far from the only way a rootkit 
can sneak into a computer, but it's one of 
the most widely documented. 

Weapons For The War 

The good news is that rootkits aren't 
entirely undetectable. To paraphrase Sun 
Tzu, the very thing that makes them 
strong also makes them weak. The fact 
that rootkits hide files from the OS can 
be used against them. 

One of the first methods for rooting 
out rootkits was booting to a clean OS 
from a CD, getting a directory listing of 
all the files on the system, and then com- 
paring it with a similar list generated from 
inside the rooted operating system. If the 
two lists were different, the files missing 



from the rooted-OS list were probably 
suspicious, and you could analyze them. 

Doing this manually is a ghastly chore, 
though. Thus, numerous folks have pro- 
duced their own tools to automate the 
process and look for other things in a sim- 
ilar fashion. The most widely known is 
RootkitRevealer ( www.sysinternals.com 
/utilities/rootkitrevealer.html ), authored 
by Russinovich and Bryce Cogswell, both 
who have much expertise with how 
Windows works from the inside out. RKR 
works by scanning the disk twice, once 
through the file system and a second time 
by accessing the disk data natively. The 
results are then compared, and if a file is 
trying to hide, it'll show as a discrepancy 
between the two file lists. RKR also scans 
the Registry for similar discrepancies. 

Microsoft's growing concerns about 
product security led it to develop a very 
powerful rootkit tool of its own, Strider 
GhostBuster ( research.microsoft.com 
/rootkit ). GhostBuster works in roughly 
the same way as RKR, but one of the ways 
it differs is that it compares an "in-the-box" 
scan of the file system with a scan a sepa- 
rately booted CD with its own miniature 
copy of Windows derives. This is a much 
more powerful way to scan for rootkits, 
although much slower because it requires a 
reboot. However, as of this writing, 
GhostBuster isn't available for public use. 

One good thing about the rootkit phe- 
nomenon is that many processes and proce- 
dures that rootkit authors use are fairly 
widely documented. Rootkit.com has many 
examples and links to further documenta- 
tion and also includes an occasional pithy 
discussion of why rootkit strategies aren't 
always a bad thing. For example, allowing 
an antivirus product to conceal itself from 
direct attacks by viruses (provided the user 
knows what's going on) is one example. 

It's not uncommon for legitimate prod- 
ucts to use rootkit-style concealment 
strategies, but the strategy shouldn't create 
more problems than it solves. Not long 
ago, Symantec faced criticism for using 
rootkit-style concealment for its Norton 
Protected Recycle Bin, mainly because the 
way it was implemented could have 
allowed a system-sanctioned hiding place 
for malware. This has since been fixed. 
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Getting Un-Rooted 

If you find a rootkit on your computer, 
your first reaction may be, "How do I get 
rid of this thing?" The short answer? Don 't 
try. Because rootkits are that much harder 
to get rid of by design, it's generally not 
worth the effort to try and yank them 
manually. Even most experts aren't confi- 
dent enough they can do this without 
damaging the OS in the process and would 
recommend wiping the computer anyway. 

Therefore, treat a rootkit-infected com- 
puter like scorched earth. Get what data 
you can off the system (hopefully you've 
made regular backups), wipe the hard 
drive clean, and reinstall from scratch. Use 



a factory-pressed OS CD, not a custom 
copy with a slipstreamed service pack (if 
you use such a thing), and be equally cau- 
tious about any software you reinstall. It 
may be difficult to figure out where the 
rootkit came from if you haven't had tight 
control over the source of the software. 

A program called RKDetector (www 
.rootkitdetector.com ) will let you delete 
the files a rootkit uses, even when the sys- 
tem is online. If you're a pro and want to 
experiment with it in a controlled setting, 
it can be educational. But for production 
systems, the best strategy is just to begin 
anew and not to tempt fate. Other tools 
to consider include F-Secure's Blacklight 



( www.f-secure.com ), Joanna's Klister 
( www.rootkit.com/project.php?id=14) , and 
VICE ( www.rootkit.com/project.php 
?id=20) . If the infected machine is impor- 
tant, such as a server with critical data on 
it, don't clean it; unplug it and call the 
authorities. At least one rootkit has been 
linked to a terrorist-linked hacker group 
that hijacked tens of thousands of com- 
puters by exploiting security holes 
in AOL Instant Messenger. Chances are, 
though, you probably won't encounter 
anything that ghastly, but that's the prob- 
lem with rootkits; you never can tell. A 

by Serdar Yegulalp 
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According to Rootkit.com, Hacker Defender is "more of a 'blackhat tool' than a training example." Rootkit.com also 

says it is the most popular and widespread rootkit today. According to a passage at Hxdef.org, the online home of the 

Hacker Defender project, the continuing development of Hacker Defender should be seen as a positive. 
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uch of the attention 
paid to malware in re- 
cent years has shifted 
from a focus on tradi- 
tional malware threats 
to a concentration on 
spyware and adware. 
And no wonder: The 
growing prevalence of 
quality security software has, like an effective vaccine, decreased the 
likelihood of a widespread virus or worm outbreak by minimizing 
the number of systems that are susceptible to them. 

Indeed, the threat from nonspyware malware is quite low at this 
point in time. The last significant worm outbreak was Zotob in 
September 2005, and the threats registered since then have a low 
rate of prevalence. 

That doesn't mean hackers have given up on viruses, worms, and 
Trojan horses, however. They've simply refined their methods, says 
Ronald O'Brien, senior security analyst at Sophos. Hackers have 
"had to become quite sophisticated about how they get into a sys- 
tem," he says. "Because so many people now have protection at the 
endpoint, there is a much greater dependence on social engineering 
techniques in order for these attacks to be successful." 

The fact is today's cyber criminals think less like common van- 
dals — crashing systems for the sake of crashing systems — and more 
like cunning thieves: strategically attacking and manipulating sys- 
tems to achieve a particular purpose. They tend to operate under 
the radar, using a subtle mix of viruses, worms, and Trojans to 
insinuate themselves into the machines of unsuspecting users. 
As a result, says Craig Schmugar, virus research manager at 
McAfee Avert Labs, many of their best weapons are proven 
threats, or variants thereof, that have been around for years. 

"What we see for 2006 is a continuation of this kind of 
background noise," Schmugar explains. "These are threats 
like Mydoom, Netsky, and Lovgate that have been around 
for one or two years and yet continue to linger at the top of 
the detection list." 
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Users therefore must remain vigilant about maintaining their 
systems to avoid infections in the first place and then taking 
whatever steps necessary to eliminate infections if they occur. 
Toward that end, we have examined five prominent malware 
threats from the first half of 2006 and outlined the steps users 
can take to remove each one manually. 

Threat Name: Netsky-P. Also known as Netsky.AD@mm, 
Netsky. P@mm, Netsky. Q, and Netsky. Q@mm. 

How It Spreads: Although it can propagate through P2P net- 
works, this worm generally spreads via email attachments. It also 
exploits the MS0 1-020 (also known as the Incorrect MIME Head- 
er) vulnerability to infect a PC when the user views the infected 
message through Outlook's preview pane. Once installed on a sys- 
tem, Netsky-P harvests email addresses from files with specific 
extensions, including .ASP, .CGI, .DOC, .EML, .HTM, .HTML, 
.MSG, .RTF, .SHTM, .TXT, .VBS, .WAB, and .XML, among 
others. It then forwards itself to most of the email addresses it finds. 
(It won't forward itself to security-related addresses.) 

What It Does: Netsky-P is the latest nuisance variant of a worm 
family that traces its lineage back to Sasser author, Sven Jaschan. 
Its main purpose is to delete Registry settings associated with 
MyDoom and Bagle. It then forwards itself to most of the email 
addresses it finds on the infected system. The mass emailings can 
have an adverse effect on the performance of the infected PC. 

How To Remove Netsky-P: As is the case when removing 
any malware infection, you should make sure your antivirus soft- 
ware is up-to-date and that you have a full system backup in 
hand before proceeding. 



Sven Jaschan, the German teen 
responsible for unleashing the Sasser 
and Netsky worms, claims to have 
written the Netsky virus as a way of 
helping computer users eliminate the 
MyDoom and Bagle worms from their 
PCs. He received a 21 -month suspended 
sentence for his cyber crimes. 
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One of the most effective means of avoiding 
malware infections is to enable Automatic 
Updates. Make sure you configure the feature 
to run at a time when your PC is on and your 
Internet connection is active. 



The first step is to disable System Re- 
store. You can do so by right-clicking My 
Computer, selecting Properties from the 
pop-up menu, and selecting the System 
Restore (in Windows XP) tab. To complete 
the process, select the Turn Off System 
Restore option and click OK. 

Next restart in Safe Mode by rebooting 
and pressing F8 as the computer starts. 
Select Safe Mode when the Windows 
Startup Menu appears. When Windows is 
loaded in Safe Mode, launch the antivirus 
utility and perform a full system scan. 
Follow the on-screen instructions to 
remove all contaminated files and folders. 

Now it's time to delete the remaining 
residue. That means opening My Com- 
puter, accessing the affected drive, 
and deleting the PROGRAM FILES\ 
NETSKY.P folder. While you're at it, 
pull up the WINDOWS\SYSTEM and 
WINDOWS\SYSTEM32 folders and 
delete the following files: Base64.tmp, 
Userconfig9x.dll, Zipl.tmp, Zip2.tmp, 
Zip3.tmp, and Zipped. tmp. 

Next, to access the Registry Editor, open 
the Start menu, select Run, type regedit 
in the Open field, and click OK. When 
the Registry Editor appears on-screen, 
locate and delete the HKEY_LOCAL_ 
MACHINE\SOFTWARE\NETSKY-P 
key. You also should locate the HKEY_ 
CURRENT_USER\SOFTWARE\ 



MICROSOFT\WINDOWS\CUR- 
RENTVERSION\RUN key and delete 
any values that refer to FVProtect.exe. 

Finally, close the Registry Editor, reboot 
into Normal Mode, enable System Restore, 
and run the antivirus utility one more time. 

Threat Name: Zafi-B. Also known as 
Erkez.B@mm and Zafi.B@mm. 

How It Spreads: Zafi-B can spread 
through P2P networks by loading itself into 
shared folders under either Winamp 7.0 
full_install.exe or Total Commander 7.0 
full_install.exe. It also travels as an email 
attachment. The worm will search for email 
addresses in various files extensions, includ- 
ing .ASP, .DBX, .EML, .HTM, .TXT, and 
.WAB. It then forwards itself to most of the 
addresses it finds. 

What It Does: Zafi-B destabilizes a 
system by performing the usual mis- 
chief, such as modifying the Registry, 
inserting randomly named files on the 
hard drive, depositing itself into shared 
P2P network folders, and forwarding 
itself to most of the email addresses it 
finds on the system. It also initiates DoS 
attacks to certain Web sites and over- 
writes security-related EXE files on the 
infected hard drive. 

How To Remove Zafl-B: Normally, 
the first thing you should do when an 
infection occurs is run a full system virus 
scan using updated antivirus software. 
But it may be impossible in this case 
because Zafi-B often replaces key security- 
related EXE files. The solution is to man- 
ually undo the unwarranted changes and 
reload the antivirus software. 

After disabling System Restore and 
rebooting to Safe Mode, access the Reg- 
istry Editor. Locate and delete the HKEY 
_LOCAL_MACHINE\SOFTWARE\ 
MICROSOFT\_HAZAFIBB key. Locate 
the HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\RUN key and 
delete any value that refers to Hazafibb. 
Close the Registry Editor and reboot into 
Normal Mode. 

At this point you should reinstall your 
AV utility. When installation is complete, 
reboot into Safe Mode once again, scan 
the system for malware, and delete all 
infected files. Reboot into Normal Mode 



when the scan is complete. Enable System 
Restore when you're done. 

Threat Name: Mytob-EX. Also known 
as Mytob.DC, Mytob. DC-net, Mytob 
.GF@mm, Mytob.IT-2, Mytob.KP@mm, 
Mytob.LL, and Mytob.MY@mm. 

How It Spreads: Similar to My doom, 
Mytob-EX propagates itself by culling 
email addresses from files with particular 
extensions, including .ASP, .CGI, .HTM, 
.HTML, .TXT, .WAB, and .XML. It 
then forwards itself as an email attach- 
ment to most of these addresses. 

What It Does: Mytob-EX is one of the 
latest variants in an especially prolific family 
of worms. It loads automatically each time 
a user starts the computer and then exe- 
cutes three actions: It tries to shut down 
security-related processes; attempts to pre- 
vent access to security-related Web sites; 
and establishes a backdoor server, so remote 
users can turn the computer into a zombie. 

How To Remove Mytob-EX: Start by 
updating your AV software, backing up 
data, and disabling System Restore. 

Next, employ the Windows search 
utility to locate the Hosts file. (It has no 
file extension.) You'll most likely find it 
in the WINDOWS or WINDOWS\ 
SYSTEM32\DRIVERS\ETC folder. 
Wherever it's located, right-click it, select 
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Disabling System Restore is an important first 
step in removing malware. Doing so ensures 
that your AV utility can access and clean all 
infected files. Note that by disabling System 
Restore, you'll lose all previously created 
restore points. 
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Malware often installs itself into the HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\ 
WINDOWS\CURRENTVERSION\RUN and HKEY_CURRENT_USER\SOFTWARE\ 
MICR0S0FT\WIND0WS\CURREN7VERSI0N\RUN keys in the Registry. Why? Because 
programs referenced by these keys are loaded automatically each time Windows boots up. 



Open from the pop-up menu, select 
Notepad in the resulting Open With dia- 
log box, and click OK. The contents of 
the Hosts file will appear on-screen. 
Review the contents of the Hosts file and 
delete any line that references any of the 
following Web sites: Amazon, AVP, CA, 
Etrust, eBay, F-Secure, Grisoft, Kasper- 
sky, McAfee, Microsoft, Moneybookers, 
NAI, Network Associates, Panda Soft- 
ware, PayPal, Sophos, Symantec, Trend 
Micro, Viruslist, and VirusTotal. Save 
the changes and repeat the process for 
each Hosts file on the computer. 

After editing the Hosts file(s), reboot to 
Safe Mode and scan the system for mal- 
ware. Delete all contaminated files and 
reboot into Normal Mode. Next, open the 
Registry Editor and locate the HKEY_ 
LOCAL_MACHINE\SOFTWARE\ 
MICROSOFT\WINDOWS\CUR- 
RENTVERSION\RUN and HKEY_ 
LOCAL_MACHINE\SOFTWARE\ 
MICROSOFT\WINDOWS\CUR- 
RENTVERSION\RUNSERVICES keys. 
Delete all corresponding values that refer to 
Pic System or Picx.exe. 

Next, WinXP users need to reactivate 
the Windows Firewall. To do so, open the 
Start menu, select Run, type services.msc 
in the Open field, and click OK. The 
Services window will appear on-screen. 
Locate and double-click the Internet 
Connection Firewall (ICF)/Internet 
Connection Sharing (ICS) entry in the list 
of local services. In the resulting dialog 



box, set Startup Type to Automatic and 
click the Start button under the Service 
Status heading. Click OK when it's clear 
the firewall has restarted. 

To reactive the Windows Firewall in 
WinXP SP2, access the Control Panel, 
open the Security Center, and click the 
Windows Firewall icon. When the 
Windows Firewall window appears on- 
screen, turn the firewall on and click 
OK to activate it. 

Finally, Internet Explorer's Web set- 
tings must be reset. From within the 
Security Center, click Internet Options. 
Click the Programs tab in the Internet 
Properties window, select the Reset Web 
Settings option, and click OK. Enable 
System Restore when you're done. 

Threat Name: Sober-Z. Also known as 
CME-681, Sober@mm!M681, Sober.AA, 
Sober. AG, Sober. W, Sober. X, Sober 
.X@mm, Sober.Y, and Sober.Z@mm. 

How It Spreads: Sober-Z travels as a 
.ZIP email attachment. The worm scours 
the hard drive of an infected PC, pulling 
email addresses from files with specific 
extensions, including .BAK, .CFG, .CGI, 
.DOC, .EML, .INI, .LOG, .MSG, .PPT, 
.PST, .RTF, .TXT, .VBS, .WAM, .XLS, 
and .XML. It then sends itself to most of 
the email addresses it finds. 

What It Does: When Sober-Z first 
struck in December 2005, it reportedly 
accounted for one out of every 13 email 
messages in circulation and represented 
one of the biggest outbreaks on record. 



Beyond VMndows: 

AVSoftware 

ForUnux 

Because of its popularity and many vul- 
nerabilities, Windows has become the 
biggest target for hackers intent on 
causing harm or stealing data. But it 
isn't the only target. Cyber criminals 
occasionally turn their attention to 
other operating systems, including 
Linux. That's why it's crucial for all 
computer users, even those who don't 
do Windows, to invest in reputable 
antivirus software. Several non- 
Windows AV utilities are available, 
including those listed below. 

avast! Linux Home Edition. ALWIL 
Software developed the Linux edition 
of avast! around the same ICSA-certi- 
fied kernel it employs in its various 
Windows AV programs. As a result, 
users get advanced features, such as 
quarantining and automatic updates, 
that Windows users take for granted. 
The utility also boasts a user-friendly 
interface to complement its command 
line console, online and email tech 
support, and a price that can't be beat: 
free (for personal use). 

F-Prot Antivirus For Linux 
Workstations. The latest edition of F- 
Prot Antivirus For Linux Workstations 
can detect and destroy all malware 
threats, not only those targeting Linux. 
It offers a command line interface, sup- 
ports an option for scheduled scan- 
ning, and can identify boot sector 
viruses and macro viruses. Like avast! 
Linux Home Edition, F-Prot Antivirus is 
free for personal use only. Frisk 
Software also offers comparable AV 
utilities for users of BSD and DOS, too. 

Panda Antivirus For Linux. Panda 
Antivirus For Linux is a no-nonsense, 
command line AV utility that costs 
nothing and runs on servers and work- 
stations alike. How-to instructions are 
minimal, and support is nonexistent. 
For these reasons we recommend it to 
existing Panda AV customers only. ▲ 
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Many malware agents, 
including Mytob-EX, are 
programmed to disable 
system security utilities. 

After an infection, you 
should reactivate these 

utilities, including the 
Windows Firewall. 
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The message terminates previous ver- 
sions of Sober, disables Symantec's 
LiveUpdate function, manipulates the 
Registry, and copies several files to the 
system. It also presents a WinZip Self 
Extractor error message indicating an 
error with a packed header. It may show 
an additional message indicating no 
viruses, Trojans, or spyware were found 
on the system. Sober-Z can download 
file updates from the Internet and for- 
wards itself to most of the email address- 
es it finds on the system. The mass 
emailings can have an adverse effect on 
the performance of the infected PC. 

How To Remove It: First back up 
your data and disable System Restore. If 
you own Symantec security software, 
reinstall the LiveUpdate component at 
this time. You can download the insta- 
llation file from ftp://ftp.symantec.com 
/public/english us canada/liveupdate 
Zlusetup.exe . When the installation is 
complete, update virus definitions and 
run a complete scan of the system. 

With that out of the way, open the 
Registry Editor. Locate and delete the fol- 
lowing values: 

HKEY_CURRENT_USER\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\RUN\_Windows 

HKEY_CURRENT_USER\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\RUN\_Wincheck 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\RUN\ Windows 



HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\RUN\ Wincheck 

HKEY_CLASSES_ROOT\EXEFILE\ 
SHELL\OPEN\Command 

Finally, close Registry Editor and run 
one more malware scan. Enable System 
Restore when you're done. 

Threat Name: MetaFisher Trojan. 
Also known as Agent. EO, Agent. EY, 
Agent.FG, Agent.FL, PWS-EC, PWS 
-EJ, PWSteal.Metafisher, Spy-Agent 
.AK, TSPY_AGENT.AMD, and TSPY_ 
AGENT.BGN. 

How It Spreads: MetaFisher is distrib- 
uted as spam. Each message contains a 
link pointing to a site designed to exploit 
the MS06-001 (also known as the Micro- 
soft Windows Graphics Rendering En- 
gine WMF Format Unspecified Code 
Execution) vulnerability. 

What It Does: A particularly devious 
and criminal Trojan, MetaFisher exploits 
the MS06-001 vulnerability to establish 
itself on a system and create a backdoor 
that lets remote operators monitor system 
activity, gather confidential banking 
information, even steal funds from an 
affected user's financial accounts. 

How To Remove It: After updating 
your AV software, running a full system 
scan, backing up your data, and disabling 
System Restore, the next step is to pull up 
the Registry Editor. Use it to locate and 
delete the following keys and values: 

HKEY_CURRENT_USER\SOFT- 
WARE\MICROSOFT\INTERNET 



EXPLORER\MAIN\Enable Browser 
Extensions 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\CONTROL 
PANEL\LOAD\Compid 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\CONTROL 
PANEL\LOAD\Next_Install key 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\CONTROL 
PANEL\LOAD\HTTPREPORT 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\CONTROL 
PANEL\LOAD\WASPOPUP 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\CONTROL 
PANEL\LOAD\FORMWAS 

HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\EXPLORER\ 
BROWSER HELPER OBJECTS\ 
{78364D99-A640-4DDF-B91A- 
67EFF8373045} 

HKEY_LOCAL_MACHINE\ 
SYSTEM\CURRENTCONTROL- 
SET\SERVICES\SHAREDACCESS\ 
PARAMETERS\FIREWALLPOLICY\ 
STANDARDPROFILEVAUTHORIZED- 
APPLICATIONS\LIST\(Default) 

HKEY_LOCAL_MACHINE\ 
SYSTEM\CURRENTCONTROLSET\ 
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Symantec customers who find their PCs 
afflicted with Sober-Z should download, 
install, and run LiveUpdate as part of a 
comprehensive solution. 
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SERVICES \SHAREDACCESS\ 
PARAMETERS\FIREWALLPOLICY\ 
STANDARDPROFILE\AUTHO- 
RIZEDAPPLICATIONS\LIST\%Progra 
mFiles%\Internet Explorer\Iexplore.exe 

Exit the Registry Editor, reboot the 
computer, and run another malware scan 
to complete the removal. Enable System 
Restore when you're done. 

Keep It Safe 

As is quite apparent, users can't rest on 
their laurels when it comes to protecting 
their data. They need a comprehensive 
se-curity system that combines up-to- 
date antivirus software with a firewall and 



antispyware utility. These three programs 
create a formidable barrier that can repel 
the vast majority of unsolicited attacks. 

Other preventative measures exist, of 
course. Upgrading to WinXP SP2 is a 
step in the right direction. It's also a 
good idea to disable BHOs (Browser 
Helper Objects), delete all unexpected 
email attachments, and ignore all 
unusual email messages. Users should 
log on to a Windows user account that 
doesn't have administration privileges. 
This step restricts what malware can do 
if it gets into your system. A 
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Logging on to a PC as a user rather than as an 
administrator prevents malware from making 
administrator-level changes to a system. Use 
the administrator account only when installing 
software and modifying system settings. 



Malware's Most Wanted 

The stew of contagious computer viruses is constantly churning. 
Threats rise to the top, wreak a little havoc, and then sink away into 
the dredges of bad code often to reappear unexpectedly several 
months— or years, in some cases— later. Most antivirus software 
developers track this kind of malware activity, posting the latest 
threats on their Web sites. The information changes from day to 
day as hackers look for new and innovative ways to exploit system 



vulnerabilities, but over time patterns emerge, and the most signifi- 
cant threats become apparent. 

Based on information provided by Sophos, we have identified 
10 significant malware threats that emerged and stayed near the 
top during the first three months of 2006. How long they will stay 
there is hard to tell. When it comes to malware, predicting future 
results on past performance is nearly impossible. ▲ 



Netsky-P 


See page 60. 


Zafi-B 


See page 61. 


Mytob-BE 


Email worm that disables AV software, blocks access to security-related Web sites, and enables 
remote users to take control of infected systems. It also forwards itself to most of the email 
addresses it finds. Also known as Mytob.CM, Mytob.BQ@mm, and Mytob.DW. 


Netsky-D 


Email worm that makes changes to system files and forwards itself to most of the email 
addresses it finds. It carries a dated payload that caused a computer to beep randomly on 
March 2, 2004. Also known as Netsky.C@mm, Netsky.D@mm, and Netsky.gen@mm. 


Mytob-FO 


Email worm that disables AV software, blocks access to security-related Web sites, and enables 
remote users to take control of infected systems. Also known as Mytob.FO@mm. 


Mytob-EX 


See page 61. 


Nyxem-D 


Email worm that disables AV software, deletes files from the PC, makes changes to files with 
certain extensions (including .DOC, .PDF, and .XLS), and forwards itself to most of the email 
addresses it finds. It also travels through shared network folders. Also known as Blackmal.E@mm, 
Blackmal.F@mm, CME-24, MyWife.D, MyWife.D@mm, MyWife.D@mm!M24, MyWife.E, 
MyWife.E@mm, Nyxem.E, Small. Kl@mm, Tearec.A, Worm_Grew.A, and Worm_Grew.B. 


Sober-Z 


See page 62. 


Bagle-CH 


Email worm that disables AV software, blocks access to security-related Web sites, downloads 
and runs unsolicited software, and propagates through both file-sharing networks and messages 
sent to most of the email addresses it finds. Also known as Bagle.CL, Bagle.DI-BK, Bagle.DP!M328, 
Bagle.FJ, Beagle. DL@mm, Bloodhound. Beagle, and CME-328. 


MyDoom-AJ 


Email worm that exploits the MS04-01 1 (also known as the LSASS or Local Security Authority 
Subsystem Service) vulnerability in Windows to enable remote users to control the infected 
system. The worm also blocks access to security-related Web sites and forwards itself to 
most of the email addresses it finds. Also known as Mytob.AC, Mytob.AE, Mytob.AG@mm, 
Mytob.AQ, Mytob.U, and Mytob.U@mm. 
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This Is Personal 




ou know the drill. An email comes 
in that looks like it's from eBay, 
PayPal, or one of the many other 
services scammers commonly co- 
opt. It tells you there's a problem 
with your account, and the only 
way to fix it is to click the link in 
the email and "confirm" a bunch 
of personal information. You 
delete it because it's obviously just 
another lame phishing scam. 

But what about that next mes- 
sage? The one from your boss 
telling you to log in to a new internal Web site to set up an 
account to collaborate with other people on your team? The 
sender line proves it came directly from her, right? And when 
you click the link it takes you to a site that looks exactly like 
an internal page at your corporate Web site. The Address bar 
displays the correct URL and the padlock is even locked indi- 
cating it's a secure connection. Or is it? 

Thanks to spearphishing it may not be. This sophisticated 
form of phishing takes social engineering to an entirely new level, 
focusing on specific groups or individuals instead of casting a 
broader, cruder net designed to catch a very small percentage of 
users unaware. These emails contain personal or otherwise confi- 
dential email, seem to come from someone who is trusted or in a 
position of authority, and often lead to Web sites that are indis- 
tinguishable from the real thing. They all are designed to steal 
your personal information so scammers can steal money, intellec- 
tual property, or anything else of value. 

Smaller Is Better 

Like spam and phishing attacks of the past, spearphishing 
attacks rely on botnets. 

When most people think of botnets they picture an enor- 
mous network of interconnected machines spewing out a never- 
ending stream of phishing and spam email. That accurately 
describes botnets of the past, which were created by explosive 
viruses and worms such as SoBig, Bagle, and Netsky, and tended 
to incorporate more than 100,000 machines. In the past few 



years, however, experts have noticed an interesting paradigm 
shift in the construction of these networks: They're shrinking. 
"Botnets are now about 20,000 machines in size as an average," 
says Mark Sunner, CTO of email security company Mes- 
sageLabs, which scans and filters more than 165 million emails 
per day for its clients. 

There are several reasons for the rise of small botnets, but 
everything boils down to the fact that big infections make big 



A Trip To The Pharm 

Spearphishing attacks are bad, but at least individuals can help stop 
them. Pharming is a much more sinister type of attack because the 
scammers commandeer DNS servers at a client, corporate, or even 
the ISP level to redirect Web traffic to Web sites they control. All 
the scammers have to do is change the translation tables so that 
typed domains resolve to IP addresses assigned to equipment they 
control, and they gain access to everything you sent and received 
through that "poisoned" DNS server. 

The experts we interviewed don't view pharming as a huge 
threat because companies can patch DNS servers to prevent this 
sort of hijacking, but pharming is still something everyone should 
take very seriously. Perhaps the scariest trend is pharming at the 
individual PC level that works by poisoning the computer's Hosts 
file. This file serves as a sort of shortcut that translates domain 
names into IP addresses locally, completely bypassing DNS 
servers connected to the Internet. 

Even initiatives such as DNSSEC (DNS Security I 
that are designed to fortify the current DNS system are far from 
perfect. "You can configure your DNS server to use DNSSEC," 
says Johannes Ullrich, chief research officer for the SANS 
Institute, "but the overall infrastructure is not there yet to sup- 
port it on the .com or .net level, and that would really be the 
solution to make DNS itself more secure." Ullrich pointed out 
that the .mil and .gov top-level domains will soon support 
DNSSEC and that Sweden's .se top-level domain already does, 
so if those tests scale well and prove the technology will work, 
other top-level domains such as .com should eventually incor- 
porate the technology. A 
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splashes in the security community — 
along with big headlines in the end-user 
community — and are therefore detected 
and cleaned up relatively quickly. This is 
bad news for the scammers, who lose 
control over an enormous number of 
machines without having a lot of time to 
exploit them, so they've now shifted gears 
and are purposely limiting the effective- 
ness of viruses so a much smaller group 
of computers is infected. Now instead of 
controlling one enormous botnet that 
contains 100,000 computers, scammers 
can control five smaller botnets that each 
contain 20,000 computers, providing a 
lot more flexibility. Unlike in the past, 



"the purpose of a botnet isn't just to pro- 
vide the ability to amplify how much you 
can send," says Sunner. "Its primary pur- 
pose is to obfuscate where it's coming 
from. Stealth is probably one of the pri- 
mary innovations going on at the mo- 
ment." These smaller botnets and the 
need to stay under the radar make it dif- 
ficult to send large volumes of standard 
phishing email, so to get a more efficient 
return out fewer emails scammers have 
turned to spearphishing. 

Worse still, the viruses used to create 
botnets give scammers complete con- 
trol over a computer, letting them in- 
stall whatever they like on the infected 



system. "We're seeing them being used 
for distributing spyware and adware in 
particular because they can generate rev- 
enue by installing these sorts of applica- 
tions," says Paul Wood, a senior analyst 
at MessageLabs. 

Seeing Isn't Believing 

Now that they have a stealthier deliv- 
ery method in place, the next step for 
scammers is creating emails that are con- 
vincing enough to make people click an 
embedded link. Company Web sites 
usually give scammers all the informa- 
tion they need to impersonate someone 
from the IT department or some other 



Phishing For Phishermen 



When you receive a phishing email, particularly one that is so poorly 
crafted that it insults your intelligence, the temptation to track down 
the scammer is strong. Good luck because even a senseless phisher 
can easily hide his or her tracks. As is the case with most digital 
data, tracking down the source of an email isn't so much about find- 
ing the information you need as trusting the information you find. An 
email header is a gold mine if the sender didn't take any precautions, 
but in most cases what you find is just fool's gold. 

Pretend you receive a phishing email in Outlook, right-click the 
message's entry, and click Properties to check out the Internet 
Headers box. You might see something like this, which we extracted 
from a real phishing email: 

Return-Path: <secure@anbtx.com> 

Received: from eastrmimpiOl .cox.net ([68.1 .1 6.1 1 7]) 

by eastrmmtai02.cox.net 

(InterMail vM.6.01.05.02 201-2131-123- 
102-20050715) with ESMT 
id<20060404051557.VOES5488. 
eastrmmtai02.cox.net@eastrmimpi01 .cox.net>; 
Tue, 4 Apr 2006 01:15:57 -0400 
Received: from exchange ([216.163.60.34]) 
by eastrmimpiOl .cox.net with IMP 
id GtDF1U00x0kKFQ80000000 
for tcbc@cox.net; Tue, 04 Apr 2006 01 :1 4:08 -0400 
Reply-To: secure@anbtx.com 
From: Chase Personal Banking<secure@anbtx.com> 

There's more than that, but this is the only stuff that potentially 
matters. Here we have the name of the computer that sent the email 
(exchange) and the time zone from which it was sent (-0400, which 
is Atlantic time). Not much to go on so far, but what about those 
domain names and IP addresses? You can forget about the From, 
Return-Path, and Reply-To lines as they are very easy to forge. There 
are two Received lines, but you can only trust the first one because 



it's the only one your email server presumably creates. Information in 
the second Received line (and any other Received lines that follow 
the first one since scammers tend to forge several of these lines) 
refers to servers that the message hopped between on its way to you, 
and scammers can also forge this information. 

That first Received line has the potential to tell you the domain 
name and IP address where the email originated, but it's most 
likely a dead end. Phishers can use anonymizers to effectively 
launder emails, making them all appear to originate from the 
anonymizer service instead of from the scammer's PC. They also 
can spoof the IP address in that line, although it's very difficult 
and often not worth the effort. The most likely scenario, however, 
is that message came from an infected computer sitting on a bot- 
net and the computer's owner has no idea scammers are using 
his machine for phishing. The best botnets have so many layers 
that they are practically impenetrable even if you use more 
sophisticated snooping methods. "If you try to track a botnet by 
deliberately infecting a mechanism to then see where it is report- 
ing back to invariably what you find is another botnet," says Mark 
Sunner, CT0 of MessageLabs. 

Even if you somehow manage to pin down a computer name and 
IP address that irrefutably associates a phisher with a physical loca- 
tion, they're often someplace where you can't do anything. Your best 
and safest bet, therefore, is to report phishing emails to the proper 
authorities and forget about them. Because scammers can easily 
forge IP addresses, it rarely helps to send phishing emails to a spe- 
cific ISP. Save yourself a lot of trouble and submit them to the Anti- 
Phishing Working Group at reportphishing@anti-phishing.org . Don't 
forward the email to the organization unless you absolutely have to 
because that strips away vital header information. Instead, send 
phishing emails as attachments. If the group looks into it and deter- 
mines it's a new scam, it will add the email to the site's Phishing 
Archive so other potential victims can learn about it; as G.I. Joe 
taught us, knowing is half the battle. ▲ 
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One-to-many "standard" attack 
Attacker 



Standard attack 



□ □□ 

nnn 

□ □□ 
nnn 



The first impacted businesses act as the indicators leading to 
the release of protective signatures. 
Signature-based methodologies rereduce the risk but do not 
provide protection until the threat is known. A few are 
impacted while the rest benefit; you take your chances. 



One-to-many "targeted" attack 

Attacker ## 

Targeted attack 





In a targeted attack there is no shared risk and no 
trigger for signature creation. 
Signature-based methodologies are therefore ineffec- 
tive against unknown threats. 
In addition, these attacks can be specifically tailored 
because the attacker has greater knowledge of the target. 



Source: MessageLabs 



authority figure. They then can craft an 
email that looks like it's coming from 
within the network, but actually comes 
from a botnet. Scammers forge the 
sender's address and use programming 
tricks to make the embedded link look 
like it goes to a legitimate Web site. 
Once the victim clicks the link, the Web 
page that appears looks just as he would 
expect, thanks to more tricks such as 
using browser overlays to cover up the 
actual domain name with a picture con- 
taining the domain name the user 
expects to see. The scammers can also 
cover up other graphics; for example, 
they can make the security padlock icon 
appear to be closed when it is really 
open. The end result is visually identical 
to that of the original Web site. 

Put Up Your Shield 

Although spearphishing emails are 
very difficult to detect just by looking at 
them, there are still a few things end 
users can do to starve off these types of 
attacks. "The biggest mistake is always 
to trust the 'from' line in an email ad- 
dress," says Johannes Ullrich, chief re- 
search officer for the SANS Institute. 
Whenever possible check the header to 
make sure what you're seeing in your 
email reader matches up with what's 
really there. If the address is some sort 
of proxy such as "Bob," hover the mouse 
over it or check the header to make sure 



that "Bob" corresponds to Bob's real 
email address. 

Ullrich also recommends being ex- 
tremely consistent in the way you write 
your emails so that imposter emails 
will stand out. Using a standard greeting 
and signature can go a long way toward 
personalizing your emails, as does stick- 
ing with one email account for all of 
your correspondence (or at least never 
emailing a particular person from multi- 
ple accounts). 

Digitally signed email is another good 
option, but Ullrich says very few organi- 
zations implement it because everyone 
must use it constantly for it to be effec- 
tive. "If I only sign important email, 
then the problem is if I receive an 
unsigned email, I just think that you 
didn't consider it important enough to 
sign it," he says. "So you have to sign all 
your email in order for it to work, and 
people have to become familiar with it so 
they actually look for it." 

Fight Back With Filters 

Because the social engineering behind a 
spearphishing attack has become so 
advanced that the latest attacks can even 
fool expert computer users, all of the 
experts we interviewed recommended 
aggressive email and network traffic filter- 
ing as the best preventatives. Most com- 
panies can configure email servers to filter 
email that appears to come from within 



an organization but actually originates 
from an outside IP address; however, any- 
thing beyond that involves special soft- 
ware or services from companies such as 
MessageLabs. Although the latest spear- 
phishing techniques "are quite brilliant 
from a social engineering standpoint, they 
stick out like a big red flag from a scan- 
ning perspective if you're actually looking 
at the scripts and the mechanisms behind 
them," says Sunner. 

Sharpen The Spear 

Spearphishing is poised to become 
much more effective in the future 
thanks to a recent attack vector called 
targeted Trojans. Standard Trojan virus- 
es are self-replicating and designed 
to spread to as many computers as possi- 
ble, regardless of where those comput- 
ers are located. Targeted Trojans are 
much more selective, focusing in on a 
single organization or even an individual 
user, and they are much better at re- 
maining undetected. 

"They've added rootkit functionality 
so that they can better hide the software 
on the end computer," says David 
Mackey, IBM's Global Security In- 
telligence Lead. Rootkits are the source 
of much controversy in the PC gaming 
and entertainment software realms, 
where they're used as copy-protection 
schemes that lurk in places Windows, 
antivirus, and antispyware applications 
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Over time the botnet efficacy degrades 

as zombies are blocked, IRC servers are 

disrupted, and/or the botnet is stolen. 



Criminal 
enterprise 



Botnet A 



Botnet B 



Initial infection 




3 Secondary infections C 

^ □□□! 






Botnet C 

□ □□ 
■□□□ 

□ □□ 



New zombies 




Criminal enterprises use existing 

botnets to recruit new zombies and 

create completely new botnets. 



Over time the criminal enterprises 

continue and increase attacks/spam 

even as individual botnets fail. 



IRC used to control botnet 
and command attacks/spam. 



botnet 
efficacy 



Criminaljnterprise efficacy r. 



Botnet A 



Botnet B 



Botnet C 



Botnet D 



Source: MessageLabs 



can't see, and the technology is a perfect 
match for a virus that wants to stay on a 
system as long as possible. (See the 
"Rootkit Madness" article on page 56 
in this issue of CPU for more informa- 
tion on rootkits.) 

Beyond that, launching a targeted 
Trojan attack requires almost no technical 
expertise thanks to readily available virus 



creation tools on the Internet and a very 
active virus creation community. Only 
instead of doing it for bragging rights like 
scammers did in the past, now most of 
them are doing it for money. 

Ultimately it will take a joint effort 
from the ISPs and the security communi- 
ty to really put the squeeze on scammers 
who use social engineering attacks. 



"There needs to be more emphasis at the 
cloud level to stop this stuff," says 
Sunner. "The further you get away from 
the source of the problem the harder and 
the more expensive it becomes to deal 
with it." Until then, the price of Internet 
freedom is eternal vigilance. A 

by Tracy Baker 



Targeted Trojans From The Bad Guy's Perspective 



In the past, creating a targeted virus was a tricky, time-consuming 
proposition that required a lot of technical expertise. Now everyone 
is a simple Web search away from all the tools they need to turn 
nearly any computer into a zombie. Here's how it works: 

Step 1 : Make A Virus 

A scammer downloads existing Trojans and then repackages 
them using a PE compression program, essentially creating an 
all-new Trojan. 

Step 2: Do The Research 

Once the virus is made, the scammer accesses the target compa- 
ny's Web site to get the names and email addresses of authority 
figures and potential victims. He also can find out what antivirus 
products the company uses, download the latest version of that 
software to his computer and test his new Trojan against it to 
make sure it will get through. 



Step 3: Prepare The Package 

The scammer now crafts a spearphishing email using the informa- 
tion he gathered, embedding the self-executing Trojan in an attach- 
ment the victim will be expecting. 

Step 4: Special Delivery 

The email, appearing to be from the boss, someone in IT, or another 
trusted source, is sent to several employees. When an employee 
opens the attachment the Trojan executes in the background, using 
rootkit technology to bypass and hide from antivirus and other scan- 
ning software. 

Step 5: Command & Control 

Once the scammer installs the Trojan, anything is possible. The 
scammer can completely disable antivirus software, inject new and 
improved Trojans onto the computer, or simply wait for the user to 
log in to a secure account and then hijack the session. A 
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Three Dei/ices To Qecure Mour Data 





ecurity is a major concern for most 
power users. We keep our operating 
systems patched and up-to-date, use 
alternate Web browsers and complex 
passwords, and never connect to the 
Web without using antivirus software 
and a firewall (preferably two: one 
hardware- and one software-based). 
But taking these steps, while necessary, 
only protects the host PC from outside 
intruders and some types of malware. 
What's to stop someone in your home or small office from simply 
walking up to your PC while you step away for a coffee break and 
accessing or destroying important data? Unless you're a stickler 
about logging out or enabling your screen saver password every 
time you're away from the keyboard, the answer is not much. 

Fortunately there are myriad of useful tools available that can 
limit physical access to a PC and pre- 
vent unwanted interlopers from 
meddling with private data. Biomet- 
ric devices make it much easier to 
use long, near impenetrable pass- 
words that'll take forever to brute 
force and log in just by typing, and 
hardware-based encryption technolo- 
gies make accessing data without the 
right key nearly impossible for all but 
the most adept gurus. 



APC Touch Biometric 
Pod Password Manager 

APC's Biometric Pod Password 
Manager is a simple way to secure 
and archive numerous passwords. 
The package contains a small USB 
fingerprint scanner that uses Authen- 
Tec TruePrint Sensor technology 




Touch Biometric Pod 
Password Manager 

$49 
APC 
www.apc.com 

• •• 



and user authentication/identity management software. The 
OmniPass application that's bundled with the device encrypts 
and stores passwords, and a user can then log in to whatever Web 
site or application that requires his password using his finger- 
print. The device itself technically doesn't make a PC "more 
secure," but it does give the user the ability to more easily use 
complex passwords, and because he can log in with the touch of 
a finger, shoulder surfers will no longer be able to glance at the 
keyboard and try to learn his passwords as he enters them. The 
APC Biometric Pod Password Manager may also prevent a less 
savvy user from having to write down password lists, which, of 
course, is a major no-no. 

The device is very easy to install and configure. After installing 
the bundled software, a user must register his fingerprints, and 
then the OmniPass software goes to work monitoring and storing 
passwords at his discretion. The user can register a single print for 
up to 20 user accounts, or he can store up to 20 prints should 
more than one person need to log 
in to a system with the same user 
account. We also should note that 
we tried to defeat the APC Biometric 
Pod using some of the more com- 
mon methods (such as not cleaning 
our fingerprints off the Pod, putting 
a warm bag of water on the sensor, 
and creating a fingerprint in Silly 
Putty and placing that on the sensor) 
and were unsuccessful. 

A-Data My Flash Fingerprint 
Disk FP1 2GB 

Obviously, one of the best ways 
to secure private data is to ensure 
it's inaccessible to unwanted visi- 
tors. And one of the easiest ways 
to do this is to take it with you 
when you're away from your PC. A 
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product such as A-Data's My Flash 
Fingerprint Disk FP1 can store up to 
2GB of encrypted data, yet it's small 
enough to fit on a key chain. 

The first time the FP1 connects to a 
Windows-based PC, a simple application 
launches to run the user through the 
process of registering his fingerprint(s). 
Configuration takes a few minutes and 
entails nothing more than slowly drag- 
ging a finger across the sweep-type sensor 
embedded into the FPl's surface. No 
additional software installation is neces- 
sary on Windows XP, although A-Data 
includes a disk with drivers for older ver- 
sions of Windows. Once the user has 
configured FP1, he can't access the data 
on the drive without the correct finger- 
print; other users can't use the disk, 
either, unless they've registered their fin- 
gerprints or know the backup password. 
In addition, My Flash encrypts stored 
data on the fly. 

A-Data's My Flash Fingerprint Disk 
FP1 is available in capacities ranging 
from 256MB all the way up to 2GB, and 
it features USB 2.0 high-speed data 
transmission. The bundled software is 
preinstalled on the disk and includes 
data encryption/decryption capabilities, 
Web auto login, Web favorites, file man- 
agement, and a flash-based mail client. 
An LED on the drive flashes to show 
activity and the FP1 is completely hot 
swappable. We did find that the sweep- 
type sensor was somewhat finicky, but 
these types of sensors are inherently 
more secure than touch sensors. 

Macally PHR-250CE 

Portable flash-based drives such as the 
A-Data's My Flash Fingerprint Disk FP1 
are handy for securing and storing rela- 
tively small amounts of data. For users 
who need larger capacities, though, a 
product similar to Macally's PHR-250CE 
may fill the bill. The PHR-250CE is part 
of an entire family of products that can 
accommodate a host of drive types and 
usage scenarios. The PHR-250CE is basi- 
cally an external 2.5-inch IEEE1394a 
FireWire/USB 2.0 enclosure that features 
real-time, hardware-based encryption, 
powered by a NIST- and CSE-certified 
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My Flash Fingerprint 
Disk FP1 2GB 

$65 

A-Data 

www.adata.com.tw 

• •• 




PHR-250CE 

$79 

Macally 

www.macally.com 
• ••< 



DES 40-bit encryption engine. The 
device automatically encrypts data on the 
hard drive, bit by bit, including the boot 
sector. Note that the enclosure doesn't 
come with a drive, however, so you will 
have to purchase that separately. Should 
you already own a suitable 2. 5 -inch for 
use with the PCE-250CE, you'll also need 
to be aware that you'll need to repartition 
and format it once you install the device. 
Because the enclosure encrypts the drive's 



spotlight 



data on the fly in real time, it can't read 
previously stored data. 

For the most part, the PHR-250CE 
functions just like any other external hard 
drive enclosure, but you can't access any 
of the data on the drive without first plug- 
ging in one of the two included secure 
keys the device uses for authentication and 
access control. The secure keys look much 
like a thumb drive, but they store the 
unique information the unit needs to en- 
crypt/decrypt the data stored on its hard 
drive. In fact, without the secure keys 
installed, an operating system won't even 
recognize the PHR-250CE when it's 
plugged into a suitable USB or FireWire 
port. The secure keys also close the circuit 
necessary for the drive to function. 

The Macally PHR-250CE supports 
both Macintosh OS- and Windows-based 
systems (no software installation neces- 
sary), and you can use it with standard 
2.5-inch IDE hard drives (up to 9.5mm 
height). The unit is compact for easy 
portability, and similar to most external 
enclosures, it's hot-swappable, as well. It 
includes two secure keys and features an 
active LED to indicate power and data 
access. The enclosure itself is made from a 
stiff metal alloy that doubles as a heatsink 
to keep the drive inside running coolly. 

In an attempt to access the data we 
stored on the drive after configuring the 
PHR-250CE, we pulled the hard drive out 
and tried to connect it directly to one of 
our systems. We are pleased to report that 
our system didn't even recognize the parti- 
tion on the drive. This was a rudimentary 
attempt to "defeat" the PHR-250CE, but 
rest assured that even if the device is stolen 
with all of your data on the drive, without 
the secure keys, the average thief isn't 
going to be able to access your files. 

There are a number of other devices 
available for encrypting and/or securing 
data on a PC, such as PCI-based hard 
drive controllers that encrypt data on the 
fly and hardware login keys. For most 
users though, a combination of strong 
passwords, encrypted data, and common 
sense are all that are necessary to keep mis- 
sion-critical or sensitive data secure. A 

by Marco Chiappetta 
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The Bleeding 
Edge Of Software 

Inside The World Of Betas 



Official product name: SQLyog 

Version # previewed: 5.01 Beta 4 

Publisher: Webyog Softworks 

Developer and URL: Webyog Softworks; 

www.webyog.com/sqlyog/index 

_sqlyogfree.php 

ETA: Q2 2006 

Why you should care: Perhaps the fastest 

Windows GUI for managing 

MySQL databases. 



SQLyog 5.01 Befa4 

f you run a Web site using a content man- 
agement system, you've likely run into 
MySQL for databases and its de facto 
graphical management tool, phpMyAdmin. 
There's nothing wrong with phpMyAdmin, 
but there are times when an alternative, 
such as SQLyog, may be a better choice. 

SQLyog is a Windows-based MySQL 
GUI that works seamlessly if you're running 
it and MySQL's Windows version on the 
same rig. Almost as good is running SQLyog 
on the same LAN so you only need to open 
a (somewhat-insecure) remote MySQL port 
to local IP addresses. You can also install a 
PHP stub file on your Web server and use 
SQLyog remotely without network risks. 

The main benefit of running SQLyog 
locally is speed. Running SQL commands 
has never been faster, as the running History 
pane proves — we're talking milliseconds. 



NewsLeecher 3.5 Befa 7 



Multimedia files just keep getting larger, 
so downloading a batch of such files 
via Usenet naturally requires some sort of 
automation. Scads of apps will do the job, 
but with varying degrees of reliability, ease 
of use, and price. NewsLeecher is a relative 
newcomer, but the binary leecher is general- 
ly regarded as the best in its class. This beta 
betters an already good thing. 

NL mixes a slick UI with a complete fea- 
ture-set, speed, and reliability — a combo 
sorely lacking in this segment. The app lets 
you download files from multiple Usenet 
servers based on server rankings you set at 
config time. This lets you maximize band- 
width limitations on paid servers. Multiple 
download threads from the same server 



maximize your bandwidth by overlapping 
file negotiations, and real-time bandwidth 
throttling helps let you use the Internet for 
other tasks while you're downloading. 

NL's real-time filters can do such things 
as whittle down a listing with thousands 
of files to just the relevant ones. A Super 
Search function lets you find and seamlessly 
download files stored in newsgroups you 
don't subscribe to. Super Search requires a 
$2.95-a-month fee, but that's cheaper than 
most online newsgroup's search sites, and 
there's no need to manually download link 
files, import them into your newsreader, 
and acquire the files yourself. 

NL is pricey at $30, but there's a 30-day 
satisfaction guarantee for paid users. The 



SQLyog almost makes working with a data- 
base as fast as using a spreadsheet, which 
encourages browsing in a way phpMy- 
Admin never could. SQLyog is also a stand- 
alone app, so you won't lose work if you 
accidentally close your browser window. 

SQLyog does everything phpMyAdmin 
does and more. Importing/exporting data is 
easy, and wizards and a great Help file fill in 
the gaps. The Enterprise version ($47) gives 
you access to timed backups and automatic 
transfers/synchronizations between two or 
more MySQL databases (even over the 
Internet). The Pro ($9) and Free versions 
are identical, except the Free version has 
pop-ups ads for the Enterprise version. 

The beta was extremely solid and reflect- 
ed a mature product going through regular 
development. If you run databases locally, 
check SQLyog out. A 




Official product name: NewsLeecher 
Version # previewed: 3.5 Beta 7 
Publisher: The NewsLeecher Group 
Developer and URL: The NewsLeecher 
Group; www.newsleecher.com 
ETA: Q2 2006 

Why you should care: The best binary Usenet 
downloaded bar none. 

beta was slightly buggy in my testing, but 
rapid updates are shrinking that bug list. A 
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software upgrades 




Driver Bav 



Upgrades That'll Keep You Humming Along 



Most updates this month are iterative rather than substantial, but 
Firefoxers finally get their new Google Toolbar. On the driver side, the 
cool LCD on the Logitech G15 game keyboard learns new tricks, and 
GeForce 6/7 owners get better hi-def decoding. 



Upgrades 



AOL AIM Triton 1.2.37.2 Beta 

The enhanced, tab-driven IM client now 
has drag-and-drop photo sharing, alerts 
when a Buddy updates her profile, and 
one-click access to her profile from within 
the IM interface. 

Get it at: www.aim.com 

Avant Browser 10.2 Build 39 

This build of the customized version of 
IE, which features tabbed browsing and 
good privacy features, includes improved 
tab navigation and pop-up blocking, mul- 
timonitor support, and improved speed 
and page scrolling. 

Get it at: www.avantbrowser.com 

Google Firefox Toolbar Version 2.0 

The Firefox version of Google's Toolbar 
gets some of the same additions that 
Google recently added for IE users, 
including an enhanced search box, 
antiphishing routines, and the ability to 
subscribe to RSS feeds from the toolbar. 
Get it at: www.google.com 

iTunes 6.0.4 

iTunes gets stability and performance 
tweaks in this incremental refresh. 

Get it at: www.apple.com 

Mac OS X 10.4.6 

Versions of this update are available for 
PowerPCs and newer Intel-based Macs. 
Included is support for a broader range 
of devices for iSync 2.2 for synchroniz- 
ing PDAs and cell phones to the OS. 
There's also improved wireless network 



locating and logons and resolved issues 
with some third-party apps, including 
World of Warcraft. 

Get it at: www.apple.com 

Opera for Mac OS X\Linux\FreeBSD 9.0 Beta 

This preview for Opera's next-gen brows- 
er gets similar changes across three non- 
Windows platforms, including fixes for 
memory leaks, widget problems, Gmail 
attachments, and the content blocker. 
The Mac OS X update is Build 3312; the 
Linux\FreeBSD versions are Build 206. 

Get it at: www.opera.com 

Portable Firefox 

This Firefox version, which updates the 
browser to the 1.5.01 build, is optimized 
for portable devices or a CD, so you can 
launch your personalized browser with 
bookmarks and extensions from any PC. 
Get it at: www.portableapps.com 

The Bat! Professional 3.72.08 Beta 

Recent updates for the alternative email 
client include fixes for problems with 
scheduled actions and Watch And Send 
commands. Attachment sizes are also now 
exact rather than estimated. 

Get it at: www.ritlabs.com 

WinRAR 3.60 Beta 1 

WinRAR gets significant improvements, 
including enhanced performance for dual- 
core processors and HyperThreading 
CPUs, more flexibility for the tree naviga- 
tion interface, the ability to now rename 
Zip files, and more extraction options for 
faster post-decompression clean-up. 

Get it at: www.rarlab.com 



Creative Sound Blaster Audigy 2 ZS 
Video Editor 1.00.0050 

This update of the installation disc 
drivers repairs DVD-Audio playback on 
AMD 64-bit dual-core systems and audio 
disturbances on all dual-core systems. 

Get it at: www.creative.com 

DirectX 9.0 Update 

DirectX claims improvements in graphics, 
performance, and security with this update. 
Get it at: www.microsoft.com 

Logitech G15 Gaming Keyboard 1.02.218 

New drivers for the keyboard with its 
own LCD let you modify the LCD, move 
across applets faster, and more. 

Get it at: www.logitech.com 

Netgear WPN824v2 Firmware 1.0.19 

This upgrade turns on DoS protection, 
provides CHAP support for PPTP, fixes a 
DDNS issue, and lets Unicast and multi- 
cast traffic work more efficiently together. 
Get it at: www.netgear.com 

Nvidia ForceWare 84.21 

These WHQL drivers add support for 
recent Nvidia cards and Nvidia SLI support 
for mixed vendors. Pure Video gets support 
for H.254 decompression on GeForce 6/7 
cards, HD MPEG-2 inverse telecine, and 
spatial temporal deinterlacing. 

Get it at: www.nvidia.com 

Realtek AC'97 ALC650 A3.85 

This update for mobos with onboard 
Realtek audio updates the Realtek 3D 
engine and some customized settings, plus 
fixes a Fujitsu power-management issue. 

Get it at: www.realtek.com.tw 

Saitek Game Peripherals 

Saitek game controller models for stan- 
dard Windows and 64-bit WinXP systems 
get driver updates. Cyborg devices, the 
Pro Gamer Command Unit, gamepads, 
X45/52 flight controllers, and the gaming 
keyboard get respective driver updates. 

Get it at: www.saitekusa.com 

by Steve Smith 
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Jukebox Shootout 

Six Music Managers For Your Listening Pleasure 



Where music is concerned, many 
of us take for granted a combi- 
nation of technologies that 
have only been around a relatively short 
time. We now have personal archives of 
digital music with thousands of ultra- 
high-quality songs and the ability to 
download almost any song imaginable for 
under a $ 1 and make that music collection 
available throughout the home or take it 
with us when we're away. 

Many pieces work together to make all 
of this possible, including a big hard drive, 
home network, and portable music player, 
but music manager software is the glue 
that holds it all together. Think of it as a 
jukebox that lets you organize and expand 
your music collection. These apps can also 
introduce you to new music and let you 
buy music online. Many apps incorporate 
video, too, letting you watch television 
programs, news, and other content. 

I looked at six popular media players. 
The one that's right for you will depend 
on the features you want, its compatibility 
with your portable music player, and the 
price you're willing to pay. Unfortunately, 
another important factor is your tolerance 
level for advertising, as some jukebox pro- 
grams use their screen real estate as an 
unbridled opportunity to bombard you 
with ads for everything from software 
upgrades to medication. 



Apple iTunes 6 

iTunes ships with the iPod, 
but it isn't one of those barely 
functional bundled utilities you 



iTunes 6 

Free 

Apple 

www.apple.com/itunes 



hate to use. In fact, there are plenty of 
reasons to use it as your PC media man- 
ager, even if you don't own an iPod. The 
interface is sleek and fast, and you can 
find the song or playlist that you want on 
a moment's notice, even with a huge 
music library. 

As a music manager, iTunes excels. If 
you want to find a particular song or all 
the songs by a particular artist in your col- 
lection, type a few letters in the Search 
field, and your collection is filtered instant- 
ly. Smart Playlists will automatically play 
your favorite songs, the ones most recently 
added, tunes from a certain era, songs you 
haven't heard lately, or songs based on 
whatever other criteria you can dream up. 

iTunes includes great support for free 
online content. The app can check RSS 
feeds for podcasts and download them 
automatically. Additionally, it can play 
some types of streaming radio stations, 
and it comes preloaded with a fair-sized 
list of stations organized by genre. 

You can rip CDs using MP3, AAC, 
Apple's Lossless Encoder, and other 
codecs. You can also add support for Ogg 
Vorbis via a plug-in. If you have iTunes 
installed on more than one computer on 
your network, you can play songs stored 
on other computers, creating a centralized 
music server, or just spy on your co-work- 
ers' musical tastes. (Because iTunes is 
available for Mac OS X and Windows 
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XP, you can even play music on a sys- 
tem with another OS.) 

The iTunes Music Store is a nicely 
integrated part of the application, let- 
ting you choose from myriad individ- 
ual tracks for 99 cents each or entire 
albums usually for $9.99. I like the 
Music Store, but I love that you can 
turn it off — a gracious feature lacking in 
many other applications with music stores. 
The Mini-store, which offers up new 
music selections that match what you're 
currently listening to, is disabled by 
default. You can eliminate access to the 
store entirely via the Preferences window. 

Naturally, iTunes and an iPod go hand- 
in-hand, and iTunes delivers utilitarian 
features for iPod users. iTunes does work 
with a handful of other portable players, 
including Nomad and Rio, but not nearly 
as many as WMP and RealPlayer do. 
(DRM-protected songs from the iTunes 
Music Store won't work with those third- 
party players.) If you're married to another 
portable player, chances aren't great that 
iTunes will work with it. 



Microsoft Windows 
Media Player 10 

WinXP users who 
are in need of a new 
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music manager might be tempted to reach 
for Windows Media Player 10. After all, it's 
free and familiar; you already have an older 
version preinstalled with WinXP. 

The features are certainly here. You can 
listen to music in most file formats, rip songs 
from CD, and burn songs to CD. You can 
browse your music library by genre, year, 
artist, and rating and enjoy various visualiza- 
tions while you listen. You can even watch 
music videos and tune into Internet radio 
stations. WMP10 can synch your music 
with about 70 models of portable music 
players, smartphones, and Windows-based 
PDAs, but it doesn't support the iPod. 

WMP10 does it all, but it isn't particu- 
larly satisfying to use. The interface is overly 
cluttered with layers of tabs and several 
browsing environments. Advertisements, 
upsell attempts, and pop-up warnings about 
digital rights management often interject 
themselves. Additionally, the UI is overdone 
with several Web-like browsing environ- 
ments. There's one under the Guide tab, a 
music shopping site under the Music tab, 
and another for music videos under 
the Video tab. The clutter is 
confusing and unnecessary, 
with offers to buy stuff 
seemingly everywhere. 




Microsoft is all about DRM, so WMP 
is wrapped up in layers of DRM that fre- 
quently get in the way. The default for- 
mat for ripping CDs is Windows Media 
Audio, and the only alternative is MP3, 
and you get the feeling Microsoft pro- 
vides that only grudgingly. MP3 is listed 
in the Rip Settings menu in lowercase 
below three flavors of WMA, and there's 
no ability to encode MP3s at 160Kbps. 
Encoding for Ogg Vorbis and other file 
formats are conspicuously missing from 
the ripping options, but you can acquire 
some with plug-ins. 

If you don't have a towering stack of 
CDs to rip, WMP 10 offers many choices 
to keep you entertained. There's a built-in 
music store where you can buy single 
tracks, usually for 99 cents each, or entire 
albums for about $9 and up. You can also 
choose the Radio Plus service, which 
offers unlimited ad- free music for $30 a 
year. You're not even limited to those two 
options. WMP can play a bevy of differ- 
ent protected file formats, including from 
Napster, MusicMatch, and others (pro- 
vided you have the proper licenses, of 
course). The program also provides access 
to free streaming radio stations and a 
selection of music videos. My enjoyment 
of both was often preceded by annoying 
video advertisements, however. 

WMP 10 continually treats you like a 
consumer (and not a particularly trust- 
worthy one, at that), making it difficult to 
just sit back and enjoy the music. 

Mystik Media Blaze Media Pro 6.1 

Blaze Media Pro tackles a different 
angle than the other programs here. It 
doesn't do as much in terms of managing 
your music collection, but what it brings 
to the party are plenty of tools for con- 
verting, editing, and playing audio/video 
files. The program is $50 after a free 
two-week trial. 

Blaze plays a multitude of A/V formats. 
Audio coverage includes any format you'd 
care to use, and the video formats include 
AVI, several MPEG flavors, and WMV. 
As a media player, Blaze does a great job 
with its sleek interface and intuitive con- 
trols. Blaze's real power, however, is in its 
format-conversion and editing features. 
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Windows Media Player 10 

Free 

Microsoft 

www.microsoft.com/windows 

/windowsmedia/mp10 



With the click of a button, you can 
easily convert audio files between MP3, 
WMA, Ogg Vorbis, and WAV formats. 
You can convert DVD audio to any of 
those formats, as well as rip CDs. You can 
use the DVD sound ripping to extract a 
favorite song or audio track from a movie 
disc, although the process happens in real 
time, so it can take a while. The program 
also does video conversion between AVI, 
MPEG, and MPEG formats. With batch 
processing, you can do multiple conver- 
sions in one fell swoop. 

Blaze also includes a waveform audio 
editor, which is handy for removing a 
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Blaze Media Pro 

Playback Plajilist Ci 






Blaze Media Pro 6.1 

$50 

Mystik Media 

www.blazemp.com 

• ••• 



CPU RANKING O = ABSOLUTELY WORTHLESS | ••« 2.5 = ABSOLUTELY AVERAGE | 



5 = ABSOLUTELY PERFECT 



CPU /June 2006 75 



reviews software 




Winamp 5.21 

Free; $19.95, Pro version 

Nullsoft 

www.winamp.com 
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RealPlayer 10.5 

Free; $19.99, Plus version 
Real Networks 
www.real.com 
• • 



lengthy song intro or amplifying a quiet 
segment, for instance. The editor is about 
on par with the open-source Audacity, 
but it's convenient to have all the audio 
tools under one umbrella. You can also 
use the editor to capture audio from a 



microphone, phonograph, or streaming 
audio source. A timer lets you record 
online radio programs when you're away. 

Blaze Media is probably best for users 
who already have stacks of audio CDs to 
convert or a directory full of music files. 
Aside from tools for capturing audio, it 
doesn't provide much in the way of getting 
new music; there's no integrated music store 
or built-in support for streaming radio. 
Although the media manager lets you create 
and save playlists, it's rather sparse com- 
pared to programs such as iTunes and 
WMP. Blaze Media can't quickly sift 
through your music collection to show 
music by a particular artist, for example. 

Blaze Media Pro works with Windows 
98 SE/Me/2000/XP, and according to the 
company, version 7 should be available as 
you read this. That version will include an 
updated video DVD burner feature, 
improved capture of long audio recordings 
with automatic track splitting, and the 
ability to convert video formats to Flash. 

Nullsoft Winamp 5.21 

Winamp is a long-time favorite 
among enthusiasts; it's small, stable, and 
reliable. Despite AOL having purchased 
Winamp, the player manages not to be 
offensively commercial. 

Winamp is available in three versions. 
The free Full version is quite adequate as a 
music player and media manager, provid- 
ing CD burning, synching with portable 
devices (including the iPod), and access to 
free streaming online radio. There are two 
major limitations, though; it can't rip CDs 



Let The Music Do The Talking 

Like every other software category, there's the cream of the crop and the also-rans in the 
media-manager segment. All but one of these apps offers a free version, so check them out. 
Here's a brief look at how these six jukeboxes match up. 



to MP3 (although it can rip to AAC, 
aacPlus, and WMA), and it burns CDs at a 
maximum speed of 2X. A $19.95 Pro ver- 
sion solves both issues. There's also a 
stripped-down Lite version that serves as a 
basic MP3/AAC player with virtually no 
other features. It's free and only a 1MB 
download, but the Full version does much 
more, and at 5.5MB it's far from bloatware. 

The default interface is svelte and 
unobtrusive, and its clean look is a wel- 
come departure from the full-screen envi- 
ronments other music software delivers. 
On the downside, Winamp's basic UI can 
be difficult to decipher with its tiny, poor- 
ly labeled buttons. You can download free 
skins to change the interface, however. 

The media library is the core of the pro- 
gram. Here you can browse your music col- 
lection in various ways, including seeking 
out the newest, most-played, or favorite 
tunes, for example. Many features here are 
similar to those in iTunes, such as Smart 
Views, which let you build custom playlists 
based on any combination of criteria. 

Even if you don't have any music files 
or own a single CD, you can groove right 
away thanks to oodles of free streaming 
content. ShoutCast Radio delivers thou- 
sands of online radio stations in every con- 
ceivable genre, and AOL Radio provides 
content from XM Satellite Radio. There's 
video streaming, too, as the ShoutCast TV 
feature provides instant access to all man- 
ner of television shows, while AOL Videos 
lets you watch content from CNN, come- 
dy videos, and more. Winamp also has 
excellent support for podcasts; you can 
browse through hundreds of podcasts, 
subscribe to your favorite feeds to listen 
online, or download them. 

With easy access to streaming content, 
podcasts, and free MP3s at Winamp.com, 





OSes Supported 


iPod Support 


Access To Free Content 


Advertising 


Blaze Media Pro 6.1 


Windows 98/Me/2000/XP 


No 


None 


None 


iTunes 6 


WinXP, Mac OS X 


Yes 


Podcasts, streaming radio directory 


Low (can be disabled) 


MusicMatch Jukebox 10 


WinXP 


No 


None 


Moderate 


RealPlayer 10.5 


Win98/Me/2000/XP; 
Mac OS X; Linux 


Yes 


None 


Very high 


Winamp 5.21 


Win98/Me/2000/XP 


Yes 


Podcasts, streaming audio 
and video directories 


Low 


Windows Media Player 10 


WinXP 


Yes 


Streaming audio directory 


High 
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Winamp delivers a satisfying combination 
of apps and free content. 

Real Networks RealPlayer 10.5 

RealPlayer's over-the-top advertising was 
so offensive it would have worn out its wel- 
come on my PC in three minutes had I not 
been writing this review. The quantity and 
type of ads make WMP seem serene by 
comparison. RealPlayer bombs you with 
pop-up ads, audio/video ads that appear 
unbidden, and more. I counted a dozen ads 
on the main Real Guide page alone. 

The program handles most audio and 
video formats, as well as video. The soft- 
ware is available in a free basic version and 
$19.99 RealPlayer Plus version. The free 
version is so crippled it's almost unusable, 
which is maddening because you know 
the missing features are in there if you pay 
for the Plus version or SuperPass. 

The Plus version adds higher-quality 
audio and video, 90 ad-free radio stations, 
a 10-band graphic equalizer, additional 
CD burning features, and other gizmos. 
You can also opt for the SuperPass, which 
costs an additional $12.99 per month 
(after a 1 4-day trail). If you're willing to 
pay that monthly dosh, RealPlayer's con- 
tent shines. You'll get access to videos 
from iFilm, music downloads, news and 
sports from BBC and Sporting News, and 
more. SuperPass also enables RealPlayer 
with all the features RealPlayer Plus adds. 
There's also the optional RealArcade, 
which provides access to 300 download- 
able games. You don't own that content, 
though. Let your subscription lapse, and 
your access to most of the songs, games, 
and videos will vanish. 

Did I mention the ads? The program is 
relentless. When you boot up your com- 
puter, even before you've launched any 
programs, RealPlayer accosts you with 
pop-ups about new content it thinks you 
might want to see. 

Like WMP and iTunes, there's a music 
store (songs start at 49 cents) and the ability 
to rip and burn CDs and sync music with a 
wide variety of portable players (including 
the iPod). But I wouldn't bother. There's 
nothing wrong with a company charging 
for content, but there is something wrong 
with giving away "free" software with the 




The Best Music Player For Linux? 

Need an audio player for your Linux box? Chances are you already have XMMS. It 
comes preinstalled with many distributions and is a perfectly serviceable media 
player. But for a complete, integrated 
music-management tool, nothing can beat 
amaroK ( amarok.kde.org) . amaroK, which 
requires the KDE desktop environment 
provides a 10-band equalizer, automatic 
download of cover art and lyrics, and other 
cool features for music lovers. There's also 
support for the iPod (as well as many other 
portable players) and podcasts. Oh, and 
the "super eye-candy interface" is fun, too. 

primary purpose seemingly being to deliver 
an onslaught of video ads. I'd rather listen 
to tunes on an old 8-track than deal with 
this offensive software another minute. 

Yahoo! MusicMatch Jukebox 10 

MusicMatch Jukebox 10 is a well- 
rounded program that can organize your 
music, rip and burn CDs, and synch with 
many portable music players. Like many 
of the other players, Jukebox is available in 
free and paid versions. The $19.99 Plus 
version lets you rip and burn CDs more 
quickly than the free version, print CD 
labels and inserts, and record MP3s from 
your LPs or other outside audio sources. 

Either way, one of MusicMatch's coolest 
features is AutoDJ, which puts other play- 
ers' shuffle functions to shame. AutoDJ can 
mix up your music based on genre, tempo, 
and other criteria, so the mood won't jump 
from Paul Anka to Metallica. You can also 
drag in a couple songs you're in the mood 




MusicMatch Jukebox 10 

Free; $19.99, Plus version 

Yahoo! 

www.musicmatch.com 

• •• 



for, and the app will populate the rest of 
the playlist with related artists. 

Like RealPlayer and WMP, there are 
several ways to add to your music library. 
A music store offers most tracks for 99 
cents and albums for $8.49. Another level 
of service, MusicMatch On Demand, 
provides access to 900,000 songs for 
$59.88 a year or $4.99 per month. (The 
songs are only available while you remain 
a subscriber.) Unlike RealPlayer and 
WMP, MusicMatch is tolerable if you 
don't want to upgrade the service. There 
are occasional exhortations to upgrade, 
but they don't reach the level of frantic 
desperation of those other programs. 

A few features are missing in Music- 
Match 10, notably because they were in 
version 9. Access to free streaming radio 
stations seems to have disappeared in favor 
of the On Demand service. Handy access 
to any artist's discography, bio, and other 
information has similarly vanished. 

Yahoo! owns MusicMatch, in addition 
to offering Yahoo! Music Unlimited 
( music.yahoo.com/unlimited ) . A Yahoo! 
spokesperson called the overlap between 
Unlimited and MusicMatch "confusing" 
and says the two will be rolled into a sin- 
gle product later this year. It's not 
known, however, what the new music 
product will be called. While we don't 
know what the future holds, Music- 
Match Jukebox is for now a strong choice 
for users who want access to a variety of 
online content. A 

by Kevin Savetz 
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CyberLink PowerDirector 5 
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PowerDirector 5 

$89.95 

CyberLink 

www.cyberlink.com 



N etting a right mix or power, 
^ — A ease, speed, and price in a 
video-authoring app can be tough, but 
PowerDirector 5 manages well. The 
app quickly captures video from ana- 
log and digital sources, converts video 
and audio files for nearly all formats, 
makes editing and applying filters 
quick, and exports DVDs or video 
files with full menus with amazing 
speed. With a speedy rig, PD5 almost 
makes working on a video project a pleasure. 

PD5 can perform all the tasks needed to create 
a polished video or DVD from various sources. A 
slick GUI makes each step fairly intuitive, as the 
tools and buttons are laid out in such a way that 
you're guided to click each in the proper order. 
Perhaps PD5's only flaw is that some buttons 
aren't visible when the app isn't maximized. 

PD5 seemed well-optimized and blazingly fast 
on a 3GHz P4 rig with lots of memory and drive 
space. Applying effects was drag-and-drop easy 



Techsmith Snaglt 8 



by Warren Ernst 



and nearly instantaneous. Video captures from a 
DV camera seemed to go directly to MPEGs 
without a second transcoding pass. Editing 
videos, adding special effects and filters, and 
recording a voice-over in real time was lag-free. 
Even DVD burning seemed to occur without 
extra transcoding passes. 

The app's GUI and speed encourages you to 
experiment. For example, I tested an anti-jitter 
filter on a scene with considerable motion and a 
wind-noise eliminator on a scene of a couple's 
wedding vows spoken on a wind-swept beach. 
This worked in seconds, and the results were 
usually spectacular. PD5's various Magic tools 
add perfectly timed background music, clean up 
red-eye, cut long clips to short ones, and more. 
This version adds Magic Style, which adds one of 
12 preset styles to a project, and Magic Fix, 
which automatically touches up videos/photos. 

If you're used to video projects taking forever 
and not being fun, you owe it to yourself and 
your videos to give PowerDirector 5 a try. A 
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Snaglt 8 

$39.95 

Techsmith 

www.techsmith.com 



ver wonder why you see 
so many reviews of screen- 
capturing software? It's because 
such software is a standard tool in 
a software reviewer's arsenal, and it 
gets used almost every day. For 
more typical users, spending signif- 
icant money on a tool you use only 
occasionally to take a screen shot 
may not make much sense. But 
then there's Snaglt 8, which makes 
getting jaw-dropping screen cap- 
tures so easy, including captures of animated 
movies or captures with active hypertext links. 
After using Snaglt you'll likely never look at 
screen-capturing software the same way. 

Snaglt 8 features a totally revamped graphi- 
cal interface, which should make the app more 
accessible to casual users. The program's various 
types of captures are now listed as icons in the 
main program window, with various cartoon 
speech bubbles appearing over the buttons, 
icons, and windows when you click to complete 
a task; it's tough to get lost with Snaglt 8. 



In addition to standard Full Screen and Active 
Window captures, Snaglt has some unusual and 
unique capture routines. The program can auto- 
matically scroll a window and capture all the 
window's content in one long file — no cutting 
and pasting required. Snaglt can also save screen 
shots of Web pages while maintaining the page's 
hypertext links (provided you save the capture as 
a PDF, Flash/SWF, or MHTML file; Snaglt lets 
you save captures in as many as 29 file formats). 
Snaglt can also capture screen shots of printouts 
via a customized printer driver, capture all graph- 
ics from a Web page, and capture editable text 
from virtually any screen. 

Once the program captures content, there's a 
wealth of editing and markup tools available, 
including arrows, callouts, watermarks, perspec- 
tive shifts, standard cropping, and color manip- 
ulation. All edits are nondestructive, so you can 
reuse screens to point out different items. 

Snaglt is as close to perfect as screen-capture 
software can be, and its unique feature set may 
generate new users who otherwise may have 
thought such software a luxury. A 
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CeledyDraw 2 

$64.99 

Celedy Software 
www.celedy.com 
• •• 



he best way to describe Celedy- 
Draw 2 may be to say that it com- 
bines features of desktop publishing 
and drawing programs into one app. 
Take features from Microsoft Publisher 
and Adobe Illustrator's basic drawing 
features, and you have CeledyDraw 2. 

As a desktop publisher, CeledyDraw 
2 organizes text and graphics on a page 
and offers such basic features as wrap- 
ping text around graphics, linking text 
between separate text boxes, and adjusting text 
spacing through leading and kerning. The app is 
limited, though, in its ability to handle text from 
other programs. For example, you can't import a 
Word doc directly; you can only import text files, 
meaning you'll lose your current formatting. You 
also can't copy text from another program and 
paste it into a CeledyDraw 2 text box. 

On the graphics side, the app shines with its 
huge library of graphics and multiple drawing 
tools. Most similar apps only let you arrange and 



HumanConcepts OrgPlus 6 



by Wallace Wang 



resize graphic images, but CeledyDraw lets you 
draw your own using the Freeform, Bezier Curves, 
and Polygon drawing tools. If you add a graphic 
image from the app's library or draw your own 
image using the drawing tools, you can reshape 
the image later. 

Cramming desktop publishing and drawing 
tools into the same window doesn't exactly make 
CeledyDraw 2 intuitive. Most programs have an 
Insert menu to add a new object, but Celedy- 
Draw forces you to use the View menu. For 
example, to add a new page, you must click View, 
Page, and Add Page. To insert a graphic you click 
Edit and then Insert Graphic Symbol. 

The app is geared primarily at home and 
small-business users, but it can export EPS files 
(plus JPEG, BMP, PNG, PDF, and more), so 
you can import CeledyDraw files into such pro- 
grams as Adobe InDesign. CeledyDraw is a solid 
app for personal and small-business uses, and its 
low cost and combination of desktop publishing 
and drawing tools make it appealing. A 
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OrgPlus 6 

$189.95 (Standard); $295 (Pro) 
HumanConcepts 
www.orgplus.com 
• ••< 



Plus 6 is sure to intrigue 
any company head looking 
to visually display the employee 
hierarchy of her corporation. Sure 
you can create such charts using 
pencil and paper or any drawing 
app, but OrgPlus makes creating, 
editing, and working with such 
charts much faster and simpler. 

OrgPlus' charts start with a sin- 
gle box in which you type a name 
and job title. You can then add 
boxes for more jobs, which will appear as being 
linked from the top, bottom, or sides to existing 
boxes. Creating boxes and typing names/titles 
multiple times gets tedious for even small charts, 
though. To that end, you can enter names and 
titles in a text or Excel file, identifying each 
person with a number and the number of people 
he reports to. OrgPlus can then automatically 
create an organizational chart. For example, John 
Smith will appear at top with Joe Smith shown 
reporting to him, followed by Jim Smith report- 
ing to Joe Smith and John Smith, and so on. 



OrgPlus lets you apply various colors and 
designs to charts, plus there's a search function 
(with included data mining abilities) and 
Freeform tool and the ability to combine charts 
from different departments into one master 
chart. You can also create legends and Hotspots 
within boxes to dynamically display employee 
profiles (including displaying photos) when a 
mouse cursor passes over the Hotspot. You can 
also rearrange chart items, so if you can move 
a box to a different location, OrgPlus can 
automatically move all subordinate boxes in the 
chart with it. This lets you see how a company's 
balance of power might shift if the vice president 
of marketing is promoted or demoted. Addi- 
tionally, you can share charts by printing them 
as Word, PDF, or PowerPoint files, and a free 
browser plug-in will let others view charts via a 
Web browser. 

OrgPlus 6 makes creating and updating even 
fairly complex organizational charts easy and 
actually fun. With such a specialized focus and 
hefty price tag, however, the app is definitely 
geared more to corporations. A 
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Could you live without Google for an 
hour? Could you make it a day? Could 
you survive a week? I did. In fact, I pulled 
myself through two weeks without using the 
search juggernaut just to prove I could. Some 
called me insane; some called me Maurice; but 
I did it like the Space Cowboy I am. I braved 
the challenge for the sake of delivering you the 
cold, hard facts. Plus, it made for some hellish 
blog entries. 

Quitting Google was almost as bad as quit- 
ting coffee. Google seems to release a new 
service or piece of software every couple of 
weeks. It owns nearly half the search engine 
market, and it's well on its way to owning your 
Desktop, too. Don't believe me? The Google 
faithful use Google Talk alongside Google 
Desktop while browsing with the Google 
Toolbar in IE or Firefox. They send messages 
via Gmail while watching their Google Page- 
Rank grow and shrink, check their Google 
AdSense stats every other minute while Hog- 
ging on Blogger.com, upload Web sites on 
Google Pages while testing the latest beta of 
Google Web Accelerator, and load their Google 
Analytics charts while using Picasa to organize 
photos in the background. Not to mention 
searching on Google.com every other minute! 

What happens if (and when) Google 
gets bigger? 

I dared myself to go "googlefasting." I was 
not trying to make a political statement or 
force Google's stock price to plummet. When 
I started, "googlefasting" didn't show up in 
any search engine, Google included. When I 
reached the end of the first seven days, Google 
reportedly had more than 50,000 references of 
"googlefasting." In fact, if you want to experi- 
ence my whole experiment from top to bot- 
tom, search for it yourself. By now, most 
search engines should have the entire chroni- 
cle well indexed. 

Since I don't use Google's software (largely 
because it's designed quite poorly), I decided 
to focus my fast on what most people use 
Google for: searching. The first few hours 
were truly the toughest. I was biting my teeth 
and ruing the moment I believed I could do it, 
and for no good reason other than to prove I 
could. I lashed out at everything around me, 



being more emotional than empirical with my 
reporting. It didn't take but a day for people 
to ask for more complete thoughts, detailed 
explanations as to my methodology (not nec- 
essarily my madness). 

I immediately fell back to Yahoo!, as it was 
the closest thing to Google I could find. After 
a few days, I realized I was treating Yahoo! like 
a Google surrogate — like comparing a new 
girlfriend to an ex (a mistake you should only 
make once in your life). I found Yahoo! quite 
comfortable, but I couldn't help but feel like I 
was cheating on Google. It was time to pull 
away from the Google mindset entirely, to 
push myself into using "other" search engines. 
Yes, other search engines besides Google do 
still exist! 

Repeatedly, I would get frustrated with not 
being able to find what I was searching for. I 
attributed this to being in tune to how Google 
indexes content and how I had learned to opti- 
mize my searching strategies for how Google 
works. Most annoying was when I was seeking 
for Web pages I knew were at the top of 
Google's results but were no where to be found 
in the top 50 of other search engines. Bah! 

I regularly flipped between Yahoo!, 
Gada.be, Technorati, Feedster, Ask, MSN, 
and IceRocket. None filled the void Google 
left. Still, as the first week wore on, I realized I 
could live without Google. I upped my per- 
sonal challenge to another week, and it really 
wasn't that difficult to do. I think it was 
around day 1 that I made the mental switch: 
Living without Google is quite possible. 

I have an emotional attachment to Google, 
but it's no longer blind faith (like yours, most 
likely). There's a reason Google is on top; it 
works and works quite well. Google didn't pay 
me to do this, nor did the other search engines. 
I don't recommend you try this at home — or 
at work, for that matter. If you're someone 
who searches with Google constantly, I bet you 
couldn't last a single day without it. 

After sending two dozen roses and a box 
of chocolates to its offices, Google and I are 
once again dating. It's too early to talk about 
wedding bells yet; let's just say I'll know 
where and how to find a ring online when 
the time comes. A 



Chris Pirillo has his own 

metasearch service, which is fully 

accessible from Web browsers on 

the Desktop or your favorite 

mobile device. Gada. be is where 

you can start. And if you want to 

find Chris on the Web, you don 't 

have to look very far, just enter 

"Chris" into a Google search box 

and press the I'm Feeling Lucky 

button. Chris doesn 't believe in 

polygamy, which makes sense 

when you understand that his 

impending faux marriage 

proposal to Google would be 

trumped by his existing plans to 

marry his soul mate, Latthanapon 

Indharasophang They met 

online, but not through Google. 



dared myself to go 

"googlefasting." I 

wasn't trying to 

make a political 

statement or force 

Google's stock 

price to plummet. 



You can dialogue with Chris at chris@cpumag.com. 
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his month, eight random quickies about 
open source. 



II love lists of links to free books on the Web. 
This one, akaimbatman.intelligentblogger 
.com/wordpress/archives/17 t is from Intelligent- 
Blogger.com on the low quality and high price 
of today's tech books. What's cool here are the 
quickie reviews offered on the free books listed, 
so you can build your own free library of pro- 
gramming titles. There are links to Baen's free 
sci-fi collections and the obligatory Project 
Gutenberg link at gutenberg.org . Also take a 
squint at IntelligentBlogger. corn's blog for useful 
tech commentaries and overviews. 

2 Will I finally be able to get the Function 
keys on my Microsoft keyboard to do 
something in Linux? Could be. I found and 
installed KeyTouch ( keytouch.sourceforge.net) . 
After a few months of use, my MS wireless key- 
board was ready for the junk pile, replaced by 
the latest USB-wired Microsoft Natural Ergo- 
nomic 4000. KeyTouch doesn't come with a 
config file for that model, but what it had was 
close enough to get at least some of the "special" 
buttons to work. There's even a graphical con- 
figuration editor that, sadly, doesn't do USB 
keyboards. With some spare time, I could map 
the signals manually and build my own configu- 
ration file. Until then, I'll manage OK. 

3 Issue Dealer ( issuedealer.com) , another 
Web app for managing data, is based on 
Zope ( www.zope.org) and is kind of neat. Nor- 
wegian project sponsor Nidelven IT ( www 
.nidelvenHt.no ) takes a refreshingly minimalist 
and straightforward approach to its Web site, 
demo, and documentation. Nidelven hopes to 
profit from Issue Dealer by offering hosting ser- 
vices. A demo server is available at demos.issue- 
dealer.net ; you'll want to spend some time fig- 
uring out how to use it before you invest even 
more time installing it on your own server. If 
you like it but don't want the hassle of installing 
and administering it, go ahead and have Nidel- 
ven host it for you. 



4 If you think DRM has no impact on hon- 
est users, think again. CNET's James Kim 
reported in "The truth about battery life" 
(reviews.cnet.com/4520-6450 7-646277M 
.html) that users foot the bill for increased pro- 
cessing in the form of shortened battery life. 
Kim wrote, "Heavy DRM not only slows down 
an MP3 player but also sucks the very life out of 
them." WMA tracks can drain batteries as much 
as 25% faster than non-DRMed MP3 tracks. 

5 What makes the "Recovery is Possible!" res- 
cue distro (www.tux.org/pub/people/kent- 
robotti/looplinux/rip) special is that it can boot 
crashed Windows or *nix systems from CD/ 
DVD or from a memory stick. You can resize 
or recover Windows and *nix disk partitions, 
change passwords on WinNT/XP systems (for 
when you forget the password, of course), and 
even boot from DOS or Win95/98. Another 
handy open-source tool for all sysadmins. 

6CodeCoffee.com is another random Linux 
link I stumbled across recently, filled with 
helpful tutorial goodness covering basic *nix 
command-line stuff, as well as PHP, SQL, 
JavaScript, Bash programming, and much more. 

7 The Internet FAQ Archives ( www.faqs.org 
/faqs) has been around forever, but it's 
worth mentioning again for the newbs. And if 
you're interested in *nix, check out Eric Ray- 
mond's "The Art of Unix Programming" ( www 
.faqs.org/docs/artu) . Chapter 1, "Philosophy," is 
particularly useful. 

8 Brand-name Linux systems may be scarcer 
than hen's teeth at retail, but HP not only 
sells servers with Linux but also offers the free 
TestDrive app ( www.testdrive.hp.com) . Regi- 
strants get free shell accounts of their choice of a 
variety-pack of HP hardware running various 
flavors of Linux and BSD, as well as HP's own 
HP-UX, Tru64 Unix, and OpenVMS. Not 
really for end users, but developers can use 
TestDrive to audition HP servers for Oracle, 
C/C++, Fortran, or Java apps. A 



by Pete Loshin 
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Pete Loshin, former technical 
editor of software reviews for 
Byte Magazine (print ver- 
sion), consults and writes 
about computing and the 
Internet. He also runs 
www.linuxcookbook.com. He 
owns shares of both Microsoft 
and Red Hat and believes 
that Windows isn 'tfor every- 
one, but neither is Linux. 



What's cool here 
are the quickie 
reviews offered 
on the free 
books listed, so 
you can build 
your own free 
library of pro- 
gramming titles. 



You can get saucy with Pete at pete@cpumag.com. 
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Web 2.0 

What's Behind It, Anyway? 



A mong the thousands of buzz- 
/ \ words that, well, buzz around the 
digital cosmos, one has emerged 
in recent months as a genuine touchstone 
for where the Internet may be headed. 
"Web 2.0" is now the official tag, if you 
will, for a host of technical innovations 
and new business models that many ana- 
lysts say are driving the booming Internet 
economy after that fateful bubble burst in 
2001. Shortly after the great digital 
downturn, book publisher Tim O'Reilly 
joined with Dale Dougherty of Media- 
Live International to brainstorm the state 
of the supposedly fallen Web project. 
They realized that "far from having 
crashed," says O'Reilly, "the Web was 
more important than ever, with exciting 
new applications and sites." Google intro- 
duced new algorithms for searching the 
Web and an interface for the Internet that 
users embraced. Yahoo! suddenly cata- 
pulted to massive profitability as advertis- 
ers started moving money online. And 
many old concepts, such as Web-based 
TV and community pages, re-emerged in 
more compelling forms as on-demand 
streaming media and blogging. The Web 
was back, and audiences were ready and 
wired for it. But in this second stage of 
quieter, more frugal development, the 
Internet was being reimagined as a much 
more interactive, user-driven medium. 
Web 2.0. Say what? 

A Platform Not A Medium 

The Web 1.0 of the late '90s was fueled 
by hype, laden with old media presump- 
tions about what the Web should be, and 
discredited by half-baked ideas about Web 
use that were way ahead of an audience 
still struggling with dial-up connections. 
In that world enormous capital went into 
selling dog food (Pets.com) that no one 
wanted to buy online and trying to push 
all the same mega-media brands (Time 



Warner's Pathfinder.com) 
in the same noninteractive 
ways of offline publishing. 

First and foremost, Web 
2.0 conceives of the Web 
not as just another ex- 
tension of print, TV, and 
radio, but as a series of 
"services" or tools that get 
things done. "The Web has 
become a platform," author 
and Web 2.0 theorist John 
Battelle recently told a 
meeting of advertising executives. 

The increasing use of Ajax lets stand- 
alone applications such as email, word pro- 
cessing, contact management, and storage 
become in-browser Web services. Google 
Maps started the trend by letting users 
reposition maps and pop up data without 
page reloads, but a gusher of investment 
and betas are bringing the techniques to 
every imaginable application. The upcom- 
ing major revision of Yahoo! Mail lets you 
drag and drop messages into folders on a 
Web page the same way you would in 
Outlook. ThinkFree.com is an example of 
a full-featured office suite 
that's hosted entirely on- 
line. It puts a complete ap- 
plication menu structure in 
a browser window for mak- 
ing spreadsheets, docs, or 
presentations. Late to the 
game, Microsoft is play- 
ing catch up to the Web 
2.0 services revolution by 
rolling out Windows Live 
( www.live.com ), which 
promises to transform 
Microsoft Office, email, 
bookmarking, and security 
from desktop tasks to 
online resources. Rather 
than being tied to a physi- 
cal location, your PC and 




data are now migrating to the Web itself, 
where you can access it anywhere, anytime, 
and also share it with others. 

More than a set of applications, Web 2.0 
is a pool of data that users can manipulate, 
pull down, and reuse at will, says Kelly 
Abbott, director of information strategy at 
Red Door Interactive. RSS feeds were just 
the beginning of a trend where Web sites 
such as Google Maps and news providers 
open up their applications and databases 
for reuse to provide fully customized and 
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In the emerging world of Web 2.0, the Internet becomes an 
operating system, and companies such as ThinkFree offer 
full-featured software applications as a browser-based "service." 
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on-demand content. Just as Google Maps 
lets users lay their own data onto the map- 
ping interface to create wholly new con- 
tent, sources such as The New York Times 
will offer APIs into its archives, so users and 
developers can pull any slice of data they 
like into their own new applications (an 
encyclopedia, real estate listings for your 
own neighborhood, etc.). 

At O'Reilly's tech publishing company, 
O'Reilly Media, thousands of textbooks 
are fully digitized, so users actually sub- 
scribe to the entire library and can piece 
together chapters and even paragraphs of 
books into their own texts. In a deal with 
Microsoft, help systems in some of its 
software development kits link directly 
into O'Reilly's text libraries to pull down 
advice and even programming examples as 
needed. In traditional media, and even 
most Web 1.0 sites, the publisher defined 
the look and feel of content and how and 
where it could be used. In Web 2.0 the 



Flock promises to weave into a single 

browser interface some of the 

hallmarks of Web 2.0 developments: 

content sharing and remixing, 

blogging, and integrating other Web 

services such as Flickr directly 

into another application. 



user declares how and where infor- 
mation is important to him and 
takes it on demand. In Web 2.0- 
speak, "users add value," says O'Reilly. 

The Web Of Us 

In fact, a central difference among the 
earlier concepts of the Internet as linked 
content and Web 2.0 revolves around the 
increased role of the user, not publishers, 
determining what is valuable online. At 
destinations such as the photo-sharing site 
Flickr, for instance, users not only create 
the repository of images but also tap into 
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Incorrigible 

• Incapable of being 
corrected or reformed. 

• Difficult or impossible 
to control or manage. 







one another's flow of material and tag the 
entries with terms that are important to 
them. Often called "folksonomy," this col- 
laborative tagging doesn't restrict an image 
or any piece of content to a particular use 
that's defined by some professional editor 
somewhere. Folksonomy surrounds the 
many pieces of content with countless 
overlapping tags so that users can find it in 
many more ways. In yet another buzzword 
of the new Web economy, parsing content 




Flock's Geoffrey Arone: 

Don't Say Web 2.0 Around Here 

The bleeding-edge digerati and much of 
Silicon Valley have eyes on the upcoming 
"social browser" Flock because in many ways 
it embodies so much Web 2.0 spirit. By mak- 
ing the browser into a multifunction applica- 
tion, Flock promises to integrate browsing with 
publishing, blogging, photo sharing, and public 
bookmarking, among many other very Web 
2.0 functions. But as co-founder Geoffrey 
Arone tells us, saying "Web 2.0" around the 
Mountain View, Calif., office will cost you. 



CPU: What does Web 2.0 mean to you and the Flock project? 

Arone: We actually have a tip jar in front of the office and penalize you a dol- 
lar for using the term. We're trying to break away from using any buzz mar- 
keting words. We try to talk about specifics of what we are trying to achieve 
for users. To me and to most at Flock it means the new ways that people par- 
ticipate online, the technologies that cater to certain types of participation. 

CPU: How does Flock layer onto the Firefox engine these participatory 
functions? 

Arone: We looked at the ways that people are interacting online. Firefox rein- 
vigorated the browser space, but browsing is the same. It doesn't address the 
greater participation by folks in easier publishing, sharing content, social net- 
works, all of these higher amorphous concepts. We are looking into what 
product can make interacting through a browser better. We looked at exam- 
ples of blog editors and photo browsing and uploading. What makes us special 
is the interplay of the different features. If I read an article at NYTimes.com 
on the running of the bulls, I can Star it to my favorites or just highlight text 
and keep it in a Shelf. I can blog the photo and then drag text from my Shelf, 
then open Flickr in the Topbar and search for my friend's photos of his expe- 
rience with the bulls. It involves several things and the end-to-end user experi- 
ence is different. 

CPU: When will we see usable versions of Flock? 

Arone: Today it's pretty stable. Expect to see something that's a significant 
improvement in mid-May. The second public beta will come two months later 
and then if all goes well, a 1.0 two months after that. A 
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Yahoo!'s Flickr is a 

standard-bearer of 

Web 2.0 trends: content 

generated by users, 

collaborative tagging, 

and content sharing. 
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into smaller pieces and tagging it densely 
activates "The Long Tail" of the new 
Internet. Just as the Amazon.com recom- 
mendation engine can make buyers aware 
of a much larger catalog of less popular 
books than any major retailer could 
carry on physical shelves, a Web of dense- 
ly linked content brings to the surface 
obscure or forgotten texts and images for 
use in unimagined new ways. By tagging, 
searching, sharing, and reconfiguring con- 
tent, users add value. 

Wikipedia is the ultimate expression of 
user-generated value, a radical turn away 
from the classic encyclopedia where for- 
mal "experts" defined what was important 
for people to know and reviewed what 
was accurate and "true." In the Wikipedia 
model, a broad community declares what 
is important and accurate. Leading the 
charge into this new era was the Google 
search engine itself, says O'Reilly, which 
started indexing and ranking content on 
the Web in part according to how many 
times others linked to it. Likewise, com- 
panies such as Amazon leverage the wis- 
dom of its customers to drive user reviews 
and recommended titles. 

Flock Together 

If Web 2.0 is about Web services, inte- 
grating diverse applications and data 
across the Internet, and the power of col- 
laboration, then the trend's perfect ex- 
pression may be the highly anticipated 
Flock browser. Based on the Mozilla 
Firefox engine but founded on Web 2.0 
principles, Flock is being designed to let 
people interact with the Web and each 
other within the browser paradigm. 

Flock sports a Topbar that links directly 
into Flickr and eventually will be able to 
pull in other content sharing communities. 



You'll be able to review photos, even drag- 
ging and dropping images from your Desk- 
top directly into the Topbar and thus into 
your Flickr account. Another repository, 
your Shelf is where you can store text clips, 
copied images, and links from other sites. 
All of these tools become super-charged 
when you invoke Flock's integrated blog 
editor. Yes, in Flock you make blog entries 
in the browser window, which also lets you 
drag and drop into your entries the links 
and text you stored in the Shelf or photos 
from the Flickr Topbar. 

Call it next-gen Web or Web 2.0, theo- 
rists of the evolving Internet believe our 
use of the technology is redefining content 
itself. In the world of Web services, soft- 
ware such as Flickr and Google don't have 
anything as quaint as "version releases." 
Their developers update them weekly 
and add and test new features as live betas 
that evolve in response to user feedback. 
O'Reilly Media now has a Rough Cuts 
series where buyers access unfinished books 
as the authors write them, allowing for cus- 
tomer feedback and bug fixes. Blogging, 
content sharing and remixing, Wild media, 
and the new Web services that enable them 
are forcing us to rethink traditional notions 
of publishing that depended on earlier 
technologies, says O'Reilly. Content may 
start as a collaborative Wiki then course 
across blogs, search engines, into devices 
and syndication, and all along the way gain 
user comments and tags that refine and 
redefine it. "Content becomes more like a 
wave. It's a momentum," says O'Reilly. 

Wave? From the popularity of next-gen 
flagships such as Google, Yahoo!, and 
now MySpace and Flickr, Web 2.0 is 
looking more like a tsunami. CPU 

by Steve Smith 



In Search Of Web 2.0 

Check out these sites to find some 
examples of this amorphous Web 2.0 
concept at work. 

Rollyo.com. This "roll your own search 
engine" site lets you create and share 
search boxes that peruse only the sites you 
most value. This is a mashup of Yahoo! 
search technology and social networking. 



Flickr.com. The photo-sharing site brings 
user-generated content to a new level, as 
members tag and swap images to make 
one of the largest repositories of densely 
indexed images ever seen. 



ThinkFree.com. Using the Web as an 
operating system, ThinkFree puts basic 
Office apps such as word processing and 
presentations in the Web browser, so you 
can make and edit your docs from any 
machine, operating system, and anywhere 
there's a Web connection. 



Wayfaring.com. Wikipedia meets Rand 
McNally. Users create, tag, and share 
personal maps that chart their personal 
adventures, annotate hot spots in an area, 
or collaborate on group-made maps. 



Infinite L 



USB Vacuum Cleaner 

For those of us who spend a lot of time at 
the computer, USB-powered devices go 
a long way toward making our lives easier. 
If you subsist entirely on powdered donuts 
and Cheetos while sitting at your computer, 
then Genica's USB Vacuum Cleaner was 
designed with you in mind. Just plug it into 
an available USB port, select the appropri- 
ate attachment, and then start cleaning. 
There's even an LED for vacuuming the 
darker recesses of your computing area. 
Now all we need is a USB-powered wet/dry 
vacuum to suck up all the 
coffee we're spilling into 
our keyboards. 
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by Rob "CmdrTaco" Malda 



They say it is all about the content. But 
"they" say a lot of things. Today down- 
loadable content is just starting to wage war 
against the broadcast media that has dominat- 
ed distribution for decades. The problem is 
that the pricing models are all wrong. Dis- 
tributors are pricing their downloads like 
DVDs and not like broadcasts. And strange 
DRM systems inconvenience their users, often 
driving them to piracy. 

Once upon a time, "getting" content meant 
sitting in front of your TV at a specified time, 
tuning in to a channel, and watching the show 
for the allotted amount of time. VCRs and 
TiVos have incrementally added control, let- 
ting the user time-shift his programming. 

In addition to time shifting, we have what 
I will call "location shifting." This is for 
offline media: DVDs, CDs, and so forth. By 
merely taking a physical object from place to 
place, you can partake in your glorious 
media in any (compatible) location. You 
pay extra for this, and typically as part of 
it, the manufacturer removes commer- 
cials from the product. 

What downloadable content 
does is conveniently blend the 
concept of time shifting and 
location shifting into one glo 
rious file playable on your 
computer, your iPod, and 
your TV. 

Now we are used to not 
paying directly for broad- 
casts. Sure, we pay for 

cable or satellite, but we don't directly pay to 
watch "The Daily Show." So, conceptually, 
we think of the functionality the TiVo gives 
us as "free." 

On the other end, we're used to paying 
for our DVDs. A crazy market has arisen for 
buying old TV shows. You end up paying 
a couple bucks per episode and there they 
are for you: uncut, commercial free, and 
digitally perfect. 

The problem is that currently all attempts 
to market downloadable content have charged 
the prices associated with location shifting: a 
buck a song, a couple bucks for an episode of 
a TV show, and far more for a movie. 




Comedy Central is trying it with "The Daily 
Show," and ABC has been trying it with 
"Lost" and "Desperate Housewives." 

The problem is simple economics: Broad- 
cast is inexpensive to the audience because 
commercials fund it. DVD has no commer- 
cials, so the industry passes along the entire 
costs. And because downloads don't have 
commercials, the industry is trying to charge 
the consumer DVD prices. 

This is a serious problem toward adoption of 
downloadable content. My TiVo has around 40 
season passes. It records dozens of shows every 
week. Were I to pay $2 for each episode, my 
fixed monthly satellite bill would easily triple. 

The distinction here is that the masses con- 
sume broadcasts, but, really, the fans only pur- 
chase DVDs. A serious fan willing to foot a 
higher bill will repeatedly watch a DVD. The 
broadcast is ethereal — watched, enjoyed, and 
then deleted to make way for something new. 
The industry is pricing 
these downloadable 
programs as if they are 
DVDs, and when I think 
the inevitable future is that 
these downloadable programs 
will replace broadcast media, I 
think the industry should price 
them accordingly. 
The industry needs to take a step 
back and understand that download- 
able content gives users an element of 
time shifting and location shifting. It is 
something old and something new. And as 
long as complicated DRM systems and ill- 
conceived pricing structures stand in the way, 
the audience will route around them, turning 
instead to piracy, or better yet, a new genera- 
tion of independently created content. 

We have seen some of this independently 
created content in the film industry already as 
independent films crept up on the major stu- 
dios. But now a few thousand bucks worth of 
digital camcorders and a beefy Mac can let 
individuals create and distribute their own 
productions online. If the industry doesn't 
hurry up and start being reasonable with its 
own content, the rest of the world is going to 
start creating its own. A 



/ 
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As long as 
complicated 
DRM systems 
and ill-con- 
ceived pricing 
structures 
stand in the 
way audiences 
will route 
around them. 
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Rob "CmdrTaco "Malda is the 
creator and director of the pop- 
ular News for Nerds Web site 
Slashdot.org. He spends his 
time fiddling with electronic 
gizmos, wandering the Net, 
watching anime, and trying to 
think of clever lies to put in his 
bio so that he seems cooler than 
he actually is. 



Speak loudly into the megaphone offoo@baz.com; I'm slightly deaf in that ear. 
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by Jen Edwards 



Microsoft's New Wireless Mouse Options 



Among three new peripherals that Microsoft recently announced is the Wireless Notebook Optical Mouse 3000 ($29), made for both 
left- and right-handed users. The 3000's design includes a wireless snap-in receiver in the mouse's bottom that automatically turns 
the mouse off when not in use to conserve battery life (estimated at six months). The 
mouse requires one AA battery for an estimated six-month lifespan. The 3000 
also uses Microsoft's latest High Definition Optical Technology 
(1,000dpi; 6,000fps), which MS claims will provide 
increased precision and smoother tracking. We'll let you 
decide if the technology really puts the mouse two gen- 
erations ahead of other 

optical mice, as 

Microsoft claims. 
The company has 

also announced the 

new five-button 

Wireless Laser Mouse 

5000 ($49), a new 

desktop mouse with HD 

laser tracking. The 5000 has a dedicated Magnifier button that lets you enlarge a portion of the computer 

screen for editing objects with finer details, such as digital photos. A more affordable three-button Wireless 

Optical Mouse 2000 ($29) has also been announced. A 





Free MSNBC News & Entertainment 
-With A Catch 

MSNBC is testing a new ad-based beta service that delivers news and 
video clips of such programs as "The Today Show" free to mobile 
users, as long they're willing to view short ads to acquire the requested con- 
tent. The three-month MSNBC.com Mobile testing model is similar to what 
many Web sites now use, instead of the traditional wireless model of charging 
a monthly subscription fee for premium content. Many wireless providers, for 
example, charge $15 or more a month for similar premium services. 

The aim is to change the underlying business model from a fee-based one to 
one in which content providers 
and the wireless carriers share ad i *■?<**? ■■ 

revenues. The new service is cur- 



rently available only on Windows- 
powered mobile phones, but 
MSNBC hopes to expand the 
service to a wider audience once 
testing is completed. A 



MSNBC.com's Mobile beta is using a 
new ad-based method of providing 
content to mobile users. 



MSNBCxoi 



beta 

MOBILE 
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PayPal Introduces 
Text to Buy System 



ayPal has introduced a new way for its users to 
pay for merchandise. Instead of logging on to 
the PayPal service via a computer, PayPal account 
holders can now use their mobile phones to send 
product codes via text messages to purchase items 
advertised in magazines, at events, on billboards, etc. 
Several retailers have already joined the program, 
including 20th Century Fox Home Entertainment, 
Bravo, MTV, and the NBA Store. 

A subscriber's phone must be activated at 
PayPal's Web site to get a special mobile PIN 
before using the Text to Buy service. Users can 
also call 1-800-472-9725 (800-4PAYPAL) to use 
the service. PayPal guarantees all transactions and 
accounts are safe, even if your mobile phone is lost 
or stolen, as accounts are PIN-activated. Users can 
also use Text to Buy to send money to other peo- 
ple by sending a text message to 729725 (PAY- 
PAL) with the amount to send and the recipient's 
phone number. For more information or to sign 
up for a free account, visit PayPal's Web site. A 
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Gateway Returns To Ultraportable Notebooks 

Gateway has unveiled two new ultraportable notebooks, the E-100M and NX100X, both of 
which are just 3.2 pounds and feature a 12.1-inch widescreen display (1,200 x 800), Intel's 
U1300 Ultra Low Voltage Core Solo processor, 802.11a/b/g, optional Bluetooth, up to a 
100GB hard drive, up to 1GB of RAM, and an alloy-magnesium chassis. The NX100X 
includes an optional external DVD/DVD-RW drive ($199). Both computers start at $1,399 
and are available for order at Gateway's Web site. The releases mark the first time in four 
years that Gateway has offered ultraportable machines. Industry analysts speculate the 
move is due to increasing demand for small notebook computers in both the business 
and home user segments. A 



The Gateway NX100X (along with the company's 
E-100M) marks the company's return to the 
ultraportable market after a four-year absence. 



Intel Doubles Flash 
Memory Capacity 
With New Chip 

I ntel has finished the design phase of 

a new 65nm NOR flash memory 
chip (codenamed Capulet) that's capa- 
ble of storing 1Gb of data. Production 
is expected to start this quarter, and 
mobile phone makers could start using 
the chip in phones by year's end. The 
1Gb amount doubles the previous 
maximum capacity of 512Mb of phys- 
ically larger 90nm flash chips. 

The new chip will likely see usage 
in PDA, cell phones, and other CE 
devices that have high-memory 
requirements but small physical speci- 
fications. Flash memory also has the 
advantage of not requiring constant 
power to keep memory intact as 
standard RAM does. Flash memory 
also isn't overly power-hungry and 
it doesn't contain moving parts, as 
miniature hard drives do. 

Reportedly, Intel is already able to 
create 2Gb chips by stacking two 
1Gb chips on top of one another, but 
a company spokesperson says Intel 
expects to be able to make single 
2Gb flash memory chips when Intel 
eventually transitions to new 45 nm 
production technology. A 



Samsung's T509: The 
Thinnest U.S. -Available Phone 

ove over Motorola, there's a new tiny mobile 
I V I phone in town. As you're reading this, Sam- 
sung's SGH-T509 mobile phone should be the thin- 
nest mobile phone available in the United States. 
Introduced at April's CTIA trade show, the bar-style 
SGH-T509 handset measures only 0.38 inches thick 
(compared to the Motorola SLVR's 0.43 inches) and 
weighs just 2.7 ounces with a standard battery. The 
phone is expected to still offer an impressive feature- 
set, including a 65K color TFT display, EDGE high- 
speed data access, Bluetooth capabilities, and a VGA 
camera that can also capture video. The T509 report- 
edly will also have a speakerphone; MP3 ringtones; and 
connection abilities via SMS, MMS, ICQ, and AOL 
and Yahoo! instant messaging apps. Few other details 
were available at press time, but T-Mobile has been 
announced as the exclusive retailer for the phone. 

In other Samsung news, the company's YM-P1, 
one of the most eagerly anticipated personal media 
player/ recorders by users, is now available for order at 
Datavision. The YM-P1 has a 4-inch widescreen TFT 
display and 20GB internal hard drive and can record 
directly from a TV. Battery life is expected to be 15 
hours or six hours for video. Additionally, the player 
supports a wide array of audio and video formats, 
including AC3, AVI, BMP, DivX, JPG, MP3, MPEG- 
4, Ogg Vorbis, WMA, and WMV. An SD card slot is 
included, as well as FM radio. Samsung hasn't an- 
nounced an official release date for the YM-P1, but 
early adopters can preorder it for $370. A 




At 0.38 inches, the Samsung T509 
is the thinnest phone currently 
available in the United States. 
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Digital Living 



. , At Your 

Leisure 



Games 

Gear 

Movies 

Music 



The entertainment world, at least where it pertains to technology, morphs, 
twists, turns, and fires so fast it's hard to keep up. But that's exactly why we 
love it. For the lowdown on the latest and most interesting releases in PC 
entertainment, consoles, DVDs, CDs, and just leisure and lifestyle stuff we (for 
most part) love and recommend, read on. 



A 



V 



Corner 



DVDs by Chris Trumble, 
CDs by Blaine A. Flamig 



Capote 

Is there any actor in Hollywood as versatile as Philip Seymour Hoffman? He was 
Brandt in "The Big Lebowski," a screenplay writer in "State and Main," a convinc- 
ingly desperate problem gambler and embezzler in "Owning Mahowny," and a flaky 
sidekick in "Along Came Polly." In "Capote," he plays one of the most famous and 
idiosyncratic writers in American letters, Truman Capote. He nails the role, of 
course, and the film is a fascinating look at how writing "In Cold Blood," the story of 
$22.99 a horrific murder in 1959 Kansas, changed the author's life forever. It 

Sony Pictures Home Entertainment should be interesting to see how he fares as the bad-guy counterpart to 

www.sonyclassics.com/capote superspy Ethan Hunt in "Mission: Impossible III." 






$29.98 

Turner Home Entertainment 

www.adultswim.com 



Robot Chicken: Season One 

If you have a sense of humor and you haven't yet discovered Cartoon Network's late- 
night Adult Swim lineup, you're missing the best original programming on TV. One of 
more recent additions to the Adult Swim lineup is a stop-animation show called "Robot 
Chicken," created by Seth Green and Matt Senreich. Each episode is a montage of short 
bits involving the antics of action figures ranging from Superman and Optimus Prime to 
George Bush and Michael Moore. "Chicken" is an ingenious blend of current and retro 
pop culture with a dash of political satire, and a hint or two of social commentary 
thrown in for good measure. The two-disc DVD set includes the entire first season 
of episodes plus a generous helping of bonus content. You will laugh. 




$14 

Warners Brothers Records 

www.builttospill.com 



Built To Spill -'You In Reverse" 

Imagine if Neil Young and Crazy Horse were in midcareer today, locking into an 
album's worth of improvisational, glorious grooves. That's the kind of soulful, in- 
the-pocket sound that Built To Spill has captured on "You In Reverse," the band's 
first album in roughly five years. The wait was certainly worth it. From the eight- 
minute "Goin' Against Your Mind" to the sprawling "Wherever You Go" to the 
beautiful closer "The Wait," Doug Martsch and company's latest work is one of 
the most enjoyable albums we've heard in an awfully long time. 



Eagles Of Death Metal -"Death By Sexy" 

Fans of self-important, beat-you-over-the-head-with-a-message rock need not apply 
for entry into the Eagles Of Death Metal camp. "Death By Sexy' isn't for you. If, 
however, you like your rock to feel live, raw, loose, riff-heavy, and just a little nasty, 
dig in; there's plenty here to sink your teeth into. From the minds of Josh Homme 
$13 (of Queens Of The Stone Age) and pal Jesse Hughes, "Death By Sexy' isn't likely to 

Downtown change your world, but it will make it a hell of a lot more fun place to bang 

www.eaglesofdeathmetal.net your head in. 



See the full reviews from A/V Corner at www.cpumag.com/cpujun06/AYL 




May 9 

Dr. Katz, 
Professional 
Therapist: Season 
One 

The New World 

Ronin (Collector's 
Edition) 

May 16 

Napoleon 
Dynamite (Like, 
The Best Special 
Edition Ever!) 

The Producers 

Crimson Tide 
(Unrated Extended 
Edition) 

May 23 

The Boondock 
Saints (Unrated 
Special Edition) 

The Fifth Element 
(Blu-ray Disc) 

House Of Flying 
Daggers (Blu-ray 
Disc) 

May 30 

The Venture Bros.: 
Season One 

Freedomland 

Numb3rs: The 
Complete First 
Season 
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Secret Sauce -by Dr. Malepr 



e played Bethesda Softworks' Arena upon its release in 

1994 and all the subsequent Elder Scrolls titles, including 

Daggerfall (1996) and Morrowind (2002). These three role-playing games 

are the predecessors of one of the most immersive and addictive games 

we've played in the past several months, Oblivion, which is now available 

on PC and Xbox 360. 

Let's get the bad out of the way. The 360 version suffers from some 

frame rate issues and has more scenery pop-ups than a struggling adult 

Web site. Both versions have cheat exploitations and over- - 

ly frequent load instances. Those flaws may be regarded 

/ *** 

as serious in some games, but Oblivion's assets will still 

provide you with many, many hours of enjoyable game- 
play. The last Elder Scrolls game, Morrowind, had some 
pacing issues with both the plot and movement, but 
we're happy to see that Bethesda's newest creation suffers 



from none of the shortfalls of its ambitious predecessors. 

Spend the necessary seconds or hours creating your characte 
starting off. As the game begins, you find yourself locked away in a du 
without any idea why you're there. As you ponder your naval, Emperor Uric. 
Septim (appropriately voiced by Patrick "Captain Jean-Luc Picard" Stewart) 
and his guards sweep through your cell and make off through a secret pas- 
sage. Having no love from the prison life, you quietly set off after him. (Your 
style of gameplay in this initial stage will prompt Oblivion to recommend a 
character class, which you may choose to ignore.) Later, just prior to his 
assassination, the Emperor bestows a quest upon you to find and protect 
his heir (voiced by Sean "Boromir" Bean) with the ultimate goal being to 
prevent the gates to Oblivion from opening and destroying the world of 
Tamriel. Soon thereafter you'll step out of the dungeon into the stunning 
world of Cyrodiil (the capital province of Tamriel). 

The game's scope in both the world and gameplay depth redefines 
"open-ended." Cyrodiil is a gigantic, living, breathing world that will rip you 
out of your own with ease. You can follow the main quest or not. You can 
play with a stealth basis, create your own potions, fight head-on as a warrior, 
or become a vampire. One big change long-time Elder Scroll players will 




// 



notice is the combat system. Yes, this is an RPG, 
but there's a much heavier focus on action in the physical 
sense. You'll be doing battle with lots of enemies, and being able to jug- 
gle your attack and defense will play a key part to your success. The action 
sequences feel real: You make contact and need to use your weapon/shield 
to fend off enemy attacks. It feels like it should: spot on. 

Oblivion is already the best game we've seen this year. With all the noise 
we've been hearing about MMO games, it's a pleasure to see a single-player 
game of this magnitude. Both the Xbox 360 and PC versions achieve great- 
ness, and you, as the player, have everything to gain in entertainment value 
for your hard-earned gaming dollar. The PC version requires top-notch 
hardware to impress visually, and if those upgrades go substantially past 
$400, then consider buying the 360 version, which plays as well as or better 
than most midrange PCs. Either version is fine, but if you've read this far, 
you're not going to want to miss playing this gem. Get it now. ▲ 




$49.99 (PC)/$59.99 (PC CE); $59.99 (360)/$69.99 (360 CE) 
ESRB: (T)een • Take 2 Games • www.elderscrolls.com 
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Mad Max Takes On World Of Warcraft -by Dr. Maleprop 



The past 20 years of auto combat have been 
exemplified in the likes of Auto Duel 
(Microprose), Destruction Derby (Psygnosis), 
High Octane (Bullfrog), Carmageddon (Interplay), 
and Interstate 76 (Activision). These are the 
games that would have most influenced us if we 
were the developers of NCsoft's newest 
MMORPG: Auto Assault. 

Developer NetDevil has given Auto Assault a 
rich and detailed back story, but we'll summarize: 
a meteor shower brings a contagion that mutates 
humans. This leads to all-out war and 
something equivalent to a global ther- 
monuclear confrontation. And 
behold— yet another race is formed via 

ii \ *) 
$49.99 (PC)/$59.99 (Limited Edition) 
ESRB: (T)een « NCsoft 



mutation. That leaves Earth with three races to 
duke it out: Humans, Mutants, and Biomeks. 
Unlike any other MMORPG currently available, 
Auto Assault focuses on the cars, which means 
you'll pick a car and then spend much of your 
time customizing your vehicle. Each vehicle will 
have characters' classes relating to combat, 
stealth, etc., and your decision will alter your 
game. And that's before all the modifications that 
you can make to your vehicle, which also heavily 
affects your game experience. 



Auto Assault has evolved past its original 
bland, brown, barren wasteland environments. 
Developer NetDevil went back to the drawing 
board and returned with plenty of varied envi- 
ronments that look and feel different during 
gameplay. Keyboard/mouse control conveys 
what it should, and we were surprised to find that 
playing with a gamepad worked very well, too. 
Like most MMORPGs, you'll spend a lot of your 
time in combat as you work to level-up your vehi- 
cle. The crafting system is deep and not entirely 
obvious. There's plenty to loot, and the combat 
among vehicles is a lot more compelling. 

Whether Auto Assault can match the num- 
bers seen in World Of Warcraft remains to be 
seen. Guild Wars managed to pry us away from 
WoW for many, many months, and Auto Assault 
stands to break new ground in the genre. ▲ 



www.autoassault.com 
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Don't Let It Fly Under Your Radar -by 



-by Dr. Maleprop 



he first addictive game you 
may not have heard about is 
inspired by the Xbox 360's popular 
Geometry Wars Evolved: Grid Wars 
2, which looks good even on 
widescreen LCDs and is tough to 
put down. Our other selection is 
the single-player Space Rangers 2: 
RoD, which isn't free but available 
at a budget-friendly (not to be con- 
fused with "budget" title) price 
point of $29.99. 



This simplified hybrid turn- 
based/real-time space combat/ 
trader by Russian developer El- 
emental Games is intuitive but 
requires time to fully understand its 
varied gameplay elements. Unlike 
Galactic Civilization II, which focus- 
es on galactic conquest, Space 
Rangers 2 focuses on your single 
spaceship. The dynamic universe in 
which you travel is attractive and 
deceptively varied. Special missic 
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pop up in one or many game genres 
depending on the situation and add 
an element to the gameplay that 
scripted events just can't re-create. 
Considering how rich and varied 
the gameplay is, it's surprising just 
how elegant the control and inter- 
face feels without being simplistic. 
It's rare to have genres, such as 
space combat, turn-based/real-time 
strategy, text adventuring, and 
more rolled successfully into a sin- 
gle game. We don't recommend 
passing up the opportunity to play 
the genre-defying SR2. It's cheap, 
and the open-ended gameplay 
rewards wellVAs if that 
isn't enough, \ 






m 



the U.S. release includes the original 
2002 Space Rangers that wasn't 
released stateside. Space Rangers 2 
took us off guard but will be a 
mainstay on our hard drive for 
many months to come. ▲ 
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M $29.99 (PC) * ESRB: (T)een 
Cinemaware Marquee 
www.spacerangers2.com 
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$59.99 (X360), $39.99 (PC, Xbox, PS2) • 2K Sports • www.2ksports.com/games/mlb2k6 



Welcome To The Bigs 

-by Chris Trumble 

The boys of summer are back on your 
favorite game console. We took a few 
versions of 2K Sports' Major League 
Baseball 2K6 for a spin and found the 
game to be deep, pretty, and fun to play. It 
won't surprise anyone that the Xbox 360 
version is the most elaborate graphically, 
but that aside the various flavors of 2K6 
are largely identical. The controls you'll use 
on both sides of each inning vary only 
inasmuch as necessary according to each 



system's controller design and button lay- 
out, and regardless of what system you 
play on, you'll find them easy to pick up. 

Pitching and hitting controls are especial- 
ly effective, although if you're used to old- 
school games where you mash a button to 
swing the bat, the Swing Stick will take a 
few innings to get used to. Each swing is 
made up of two motions of the right analog 
stick; you pull it back to initiate your batter's 
backswing and step into the pitch, and 
you push it forward to take your cut. 

Throwing to pick off a runner when 
you're in the field is pretty easy, too; just 
press the button that corresponds to the 
base you want to throw to, and hold the 
button longer for a harder throw. 

If you're looking for more than a quick 
game, MLB 2K6 has a GM Career mode 



that puts you in charge of steering an MLB 
franchise via the draft, trades, minor 
league operations, and in-game strategy, 
too. As with most sports games, the com- 
mentary from the booth can get a little stale 
at times, and we're still not quite where we 
need to be in making real-world players 
look convincingly human, these are minor, 
common gripes, and they don't warrant 
passing on MLB 2K6. ▲ 
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Crystal Dynamics Rescues Lara -by Chris Trumble 



Until very recently, Eidos' Tomb Raider fran- 
chise was a sort of cautionary tale demon- 
strating the danger that lies in churning out too 
many tepid sequels to cash in on a hot proper- 
ty. When it hit the scene in 1996, the first 
installment for the PlayStation was a huge suc- 
cess, capitalizing on the popularity of the then- 
nascent 3D action genre and a hip, sexy lead 
character that soon became a gaming icon. 
The first sequel or two did pretty well, too, 
because let's face it: As much as we complain 
about sequels, we seem to love buying 'em, 
and Eidos was all too happy to keep them 
coming. It wasn't long, however, before TR's 
luster began to fade. By the time TR: The 
Angel Of Darkness showed up for PS2 and 
PC in 2003, many who'd enjoyed the first two 
or three games had lost interest, and worse 
yet quite a few of those who paid the price of 
admission for Angel were sorely disappointed. 



$59.99 (X360), $49.99 (Xbox, PS2), $39.99 (PC) 
ESRB: (T)een • Eidos • www.tombraider.com 




Eidos took the drastic action of taking 
Tomb Raider away from Core, the devel- 
opment company that created Lara Croft 
in the first place, and giving it to Crystal 
Dynamics, a developer that had huge 
success with another popular third-person 
action franchise, The Legacy Of Kain. 

Looks like it was the right call. Tomb 
Raider: Legend has pretty much everything 
that made the first TR game fun, but adds 
to that a few new moves, controls that are 
tighter and more responsive than they've 
ever been, and — of course — cutting-edge 
graphics. We reviewed the Xbox 360 
version, and it's a thing of beauty in 
high-def, with characters and environ- 
ments that are equally sharp. We would 
have liked it to last a bit longer, but oth- 
erwise we recommend this game 
wholeheartedly. ▲ 




Character Smorgasbord 

-by Chris Trumble 



$39.99 (PS2) 



ESRB: (T)een * Konami 
www.konami.com 



We've seen lots of console RPGs over the 
years, and although in lots of cases there's 
precious little to separate one franchise or title 
from another, we've always liked Konami's 
Suikoden series for one big reason: the variety of 
the characters. 

The common thread among all the Suikoden 
games is the108 Stars of Destiny, a number of diverse 
characters that you can recruit throughout the 
game by talking to the right folks and doing plenty 
of exploring in towns and so forth. Of course, you 
can't use all 108 at any one time; the game limits 



your party to six members. But having so many folks 
standing by means you can customize your party to 
include the Hero, your main character, and all sorts 
of combinations of other characters, allowing you to 
build a party that best suits your style of play. 

Battles are turn-based, menu-driven affairs, and 
we were pleased to note that Suikoden V's battle 
menu gives you an Auto option that can alleviate 
some of the tedious button mashing in one-sided 
battles. We also enjoyed the game's look and 
sounds, and aside from taking a little too long to 
get going in earnest, the story is fun, too. ▲ 



Datel XSATA 

Never Run Out 
Of Space On 
Your Xbox 360 

Datel seems to be making quite a 
name for itself in the realm of 
console storage growth. The latest 
expansion project is the Xbox 360. We 
don't know about you, but having a 
paltry 12-ish gigabytes of useable stor- 
age is more than just embarrassing — it 
leaves us wanting more. 

The XSATA is a plug-and-play device 
that's molded to fit neatly in between 
the 20GB Xbox 360 external hard drive 
and the top of the console. The device 
features a USB 2.0 connector in the back 
that lets you connect your 360 hard 
drive directly to a PC hard drive for 
backups. Also, you can share anything 
on the 360 that's not locked directly to 
your console/account with your friends 
via email. The best part is that you never 
have to unplug your 360 hard drive once 
you have the XSATA sitting below it. 

So what's not to like? Well, the laser- 
blue color for one. Is it asking too much 
to wish for an XSATA in 360 green to 
match our consoles? After all, not 
everyone wants to bling their 360. ▲ 

$39.99 (Xbox 360) • ESRB: N/A 

Datel Design & Development • www.datel.co.uk 




ldeazon MERC 

Another Specialized Gaming Keyboard 



$39.99 (PC) • ESRB: N/A • Electronic Arts • www.zboard.com 



We've looked at the ldeazon Zboard in the 
past. The ability to customize your PC's 
primary game controller (the keyboard) was a 
superb idea, but having to replace the keyset 
just to type was a major inconvenience. Also, 
paying nearly $20 for custom keysets was 
another big drawback. Last but not least, most 
users of the Zboard owned a "real" keyboard for 
daily use. 

ldeazon took note and addressed the short- 
comings of the Zboard: Enter the MERC. The 



MERC features game-specific keys (tilted for- 
ward by 1 1 degrees) on its left side, a normal 
keyboard, and a numeric keypad with merged 
HOME/END keys. PAGE DOWN/DELETE 
require a toggle before you can use them. This 
change comes as a result of ldeazon trying to 
cram so many more keys into what's already a 
slightly larger than average keyboard. The inte- 
grated gaming keys no longer require a user to 
purchase game-specific keysets. You'll need to 
install the included 



software to make the keyboard work with the 
games it supports. We were surprised, however, 
to discover that the software didn't let us cus- 
tomize the keys. Fortunately, there's a driver 
update in the works that will address this issue. 

Pricing is reasonable considering how well 
the keyboard functions for work and play. If 
you have a ergonomic, split keyboard craving, 
then we recommend you keep your keyboard 
and pair it with something such as the Wolf 
Claw Devour. ▲ 
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Subscriber Tip 
The Month 

CPU Forums: 
Share The Wealth 

As a subscriber, you have access to 
many additional online features at www. 
computerpo werus er.com , including the 
CPU Forums. The CPU Forums give 
you a place to converse with other 
CPU subscribers, troubleshoot prob- 
lems, voice opinions, and show off the 
vast amount of computer knowledge 
you have learned with your CPU sub- 
scription. Help a troubled user fix 
their computing problems or let others 
give helpful tidbits to you in your time 
of need. Access the CPU Forums from 
the homepage in the daily section at 
the top of the home page. 
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idealbb/default.asp 
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Only paid 
subscribers to 
CPU magazine 
get complete 
access to 
all these 
great features: 



Latest issues. Get a 

guided tour through the 
latest editions of our 
technology publications. 

More hands-on hard- 
ware reviews. Are the 
latest products worthy 
of the marketing hype? 
We put products to the 
test, complete with 
comparison charts 
and links pointing to 
where you can buy the 
products online. 

Even more great 
reading. Our Web site 
features every article 
from CPU and a search- 
able archive of more 
than 23,000 articles from 
our sister publications 
Smart Computing, 
Learning Series, Guide 
Series, and Reference 
Series. It's like getting 
five magazines for the 
price of one! 

A showcase of 
articles from next 
month's issue. 

Impress your friends 
with all the insider 
information you get by 
reading CPU's latest 
articles and product 
recommendations before 
they're available in print. 
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The Cutting Edge 



The First Personal Computer 



Guest Column 
by Barrv Brenesal 



Just like sound films and tape recordings, 
innovative people created personal com- 
puters before the technologies and distribution 
systems were in place to make them financially 
viable. (I bet you didn't know the first sound 
film came along in 1895, not 1929. Ask me 
about it sometime.) The year in this case was 
1971, and the computer in question was John 
V. Blankenbaker's Kenbak-1. He marketed it 
through the pages of Scientific American. 

The Kenbak-1 came along just before the 
introduction of microprocessors, so it was built 
largely from TTL components. It employed a 
von Neumann architecture, and all registers 
were stored in the main memory. There was 
no CPU, but the computer did come with 256 
bytes of RAM. Blankenbaker intended his pio- 
neering PC to teach students programming, 
and was uninterested in what other program- 
mers might make of it — let alone end users 
without programming skills. Approximately 
40 of these units were sold, before operations 
closed down in 1973. 

At just about the same 
time, in 1973, Francois 
Gernelle issued the first 
commercial, non-kit PC 
that was based on a micro- 
processor chip (the Intel 
8008). His company, R2E 
coined the term "microcomputer" in reference 
to its Micral-N. This PC was definitely a leap 
forward, with a real-time system and parallel 
and serial I/O cards. It wasn't cheap, though: 
8,500 French Francs ($1,300) could buy you a 
lot of good meals on the Champs-Elysees. But 
the Micral-N did well, and the company con- 
tinued innovating, introducing a monitor-key- 
board in 1 974 and a hard drive the following 
year. Had its international strategy been better, 
perhaps R2E could have broken into the U.S. 
market, but this never occurred, and toward the 
end of the 1970s the company was phased out. 

Now we jump to 1975, when the cover of 
Popular Electronics January edition featured the 
MITS Altair 8800 computer kit. No, the Altair 
was definitely not the first PC (although one of 
its inventors, Ed Roberts, is said to have coined 
the term "personal computer" in describing it). 
But it did start plenty of hobbyists thinking in 
terms of personal computer use, especially since 




the unit sold for roughly a third of the Micral- 
N's price. Both its price and the magazine pub- 
licity paid off better than expected. The com- 
puter's designers calculated that they needed to 
sell 200 units over the year to break even, but 
received more than 4,000 orders within the first 
three months of the Altair's debut. 

The Altair 8800's unrivaled U.S. market 
dominance was not to last, though: When you 
discover a goldmine, expect to see plenty of 
tourists with pickaxes down the road. However, 
it did spark one important development. A pair 
of young men got Roberts interested in a 
BASIC interpreter, which they knocked out in 
roughly 30 days of intense programming. It 
was delivered on paper tape and worked, lead- 
ing the two gents — Paul Allen and Bill Gates — 
to form a company known as Microsoft. 

By 1976, the PC market was poised to 
explode. Savvy entrepreneurs realized that it 
could become a tool anybody might use — with 
the proper motivation. Around this time, Steve 
Wozniak designed a PC for his 
own personal use, but his 
friend, Steve Jobs, was 
convinced that it had 
much greater potential. 
The result was the Apple I, 
which never sold well. (Until recently, 
that is. With roughly 30 left in existence, 
authentic originals in good condition now fetch 
$15,000.) The Apple II of 1977 was another 
matter. It looked like a modern computer, came 
with 4KB of RAM (expandable to a whopping 
48KB), offered built-in sound, expansion slots, 
an audio cassette interface for loading/saving 
data, and high-resolution and color modes. Like 
the Micral-N, the Apple II wasn't cheap: It sold 
for $1,298. But it impressed. 

On a personal note, a couple of friends pur- 
chased an early Apple II and had a party to 
show it off. A group of us were suitably 
impressed by its visual interface and made fun 
of the primitive syntax in an accompanying 
adventure game. (We were all writers. You'd 
expect that.) We subsequently praised the PC in 
our various lines of work; so in a way, you could 
say we all helped Steve Jobs make himself into 
the tremendous success story that he is, today. 

But we never got a cent for it. Computer tech- 
nology is really a cutthroat business, isn't it? A 
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TIPS & TRICKS 




Software 



Windows XP Restoration Kit 



Any advanced PC user may 
need to reinstall WinXP from 
time to time just to clear out 
all the dross of drives and 
incompatible, leftover software installa- 
tions. But then, onto that refreshingly clean 
Desktop comes the first reminder that 
you've also lost all of those wonderful 
tweaks and customizations you'd accumu- 
lated over the years. This month we gather 
together some important Windows tweaks 
every power user may want to re-remember 
when he starts with a fresh WinXP install. 

Step One: Cheat! 

Don't pop open the Registry Editor just 
yet because a lot of adjustments we used to 
make in the Registry Editor are now cov- 
ered by utilities such as Microsoft's Tweak 
UI (www.microsoft.com/windowsxp/down 
loads/powertoys/xppowertoys.mspx) . You 
can browse through the many options in 
Tweak UI for yourself, but we'll drill to 
some essentials. 

Turn off balloon tips. Highlight the 
Taskbar And Start Menu line, uncheck 
Enable Balloon Tips, and click OK. 

To return or remove essential icons 
to your Desktop. Click the Desktop 
line, check/uncheck the appropriate 
boxes, and click OK. 

To stop Windows from starting 
every CD or DVD you insert in the 
optical drive. Double-click My Com- 
puter, AutoPlay, select Drives, uncheck 
the drives you want to disable for 
AutoPlay, and click OK. 



To bypass the logon procedure. Dou- 
ble-click Logon, select Autologon, check 
the Log On Automatically At System 
Startup box, and, if necessary, insert any 
password you have for your account. 

Counter-intelligence 

The other necessary tool for fresh 
WinXP installations is xp-AntiSpy (free; 
www.xp-an tispy.org ). This downloadable 
app isn't spyware protection but an indis- 
pensable security setting tweaker; the short- 
est route to replugging all of those security 
holes and background Windows reporting 
mechanisms that threaten your privacy and 
can open you up to hack attacks. 

Here are just a few highlights: In the 
MediaPlayer section of xp-AntiSpy, you 
can check the options for not sending infor- 
mation about your player to Microsoft or 
not starting the Media Player in the Guide 



WinXP Tip Of The Month 



If you want a clearer, cleaner view of your 
image thumbnails in a folder, you can sup- 
press the file names that appear beneath 
each image. Make sure you're not in thumb- 
nail view and then hold down the SHIFT key 
when you switch back into thumbnail view, 
which removes the file names. This change 
will stay in effect every time you revisit this 
folder and use thumbnail view until you turn 
it off. To turn it off, switch out of thumbnail 
view and back in again holding the SHIFT key 
to restore the default setti 



mode. For privacy, you can keep Media 
Player from saving your recently played files 
or visited URLs. Likewise, use the Error 
Reports section to prevent WinXP or Of- 
fice from sending error reports when they 
encounter problems. Use the Services menu 
to disable a number of automated tasks that 
access the Internet without your knowl- 
edge, such as auto-updating and the clock 
synch tool. Unless you're on a network that 
actively uses the network messenger service, 
you'll probably want to check the Disable 
Messenging Service option because this is a 
well-known hole for hackers. 

The Click From Hell 

One of the annoying default properties 
in Windows is the navigation click that 
Internet Explorer emits when you activate 
a link. To silence it click Start, Settings, 
Control Panel, and double-click Sounds 
And Audio Devices. Click the Sounds tab. 
In the Program Events window, scroll 
down and click Start Navigation item in 
the Windows Explorer branch. Use the 
drop-down menu to change the sound to 
None and click OK. 

At Your Service 

Over the years you may have learned 
about and turned off many of the back- 
ground Windows Services that can chew 
up CPU cycles and even open some securi- 
ty holes. To bring up your Services option, 
click Start, Run, type services.msc in the 
Open field, and click OK. Double-click 
any Service to bring up its Properties win- 
dow and in it the description drop-down 



Registry Tweak Of The Month 



As you install more applications to the 
Windows Desktop, the Programs menu 
becomes disordered and cluttered. 
Restoring alphabetical order to this mess 
is a matter of deleting a Registry key. 
First click Start, Run, type regedit in the 
Open field, and click OK. Next go to 
HKEY_CURRENT_USER\SOFIWARE\ 
MICROSOFT\WINDOWS\CURRENTVER- 
SION\EXPLORER\MENUORDERand high- 
light and delete the Start Menu2 subkey. 
>e the Registry Editor and re " 
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Microsoft's Tweak Ul PowerToy is a good 
shortcut to the essential tweaks every 
power user might like to make when he 
reinstalls Windows. 



options for stopping the service now, let- 
ting it start automatically, disabling, or set- 
ting it to Manual. 



Add Prefetch Switches 

To launch third-party 
apps faster, create a 
Desktop shortcut for the 
program, right-click the 
app, and select Prop- 
erties. In the Target box, 
type /prefetch: 1 at the 
end of the command 
line and click OK. 
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Optimize Prefetching 

WinXP's prefetch sys- 
tem can speed boot and 
application load times by 
preloading parts of fre- 
quently used programs into memory. 
To optimize the setting, open the Reg- 
istry Editor, go to HKEY_LOCAL_ 
MACHINE\SYSTEM\CURRENTCON- 
TROLSET\CONTROL\SESSION 
MANAGER\MEMORY MANAGE- 
MENT\PREFETCHPARAMETERS, and 
double-click EnablePrefetcher. Type 3 in 
the Value Data field to enable both boot 
and application prefetching, which acceler- 
ates both operations noticeably. 

Disable Indexing 

Unless you do a lot of file searching, this 
background task adds unnecessary memory 
use and disk thrashing when you access a 
file. To turn it off, double-click Add Or 
Remove Programs in the Control Panel, 



xp-AntiSpy lets you quickly plug all of 
those security and privacy holes that 
Windows leaves wide open by default. 



click Add/Remove Windows Components 
on the left-hand side, uncheck Indexing 
Service, and click Next and Finish. 

Spare Your Drive 

Reclaim disk space by disabling or re- 
setting a number of WinXP functions. 

Right-click the Recycle Bin, select 
Properties, and adjust the slider to reduce 
the percentage of your drives the Bin uses 
to store deleted files. 

If the hiberfil.sys exists in your root 
directory, then Windows' disk-hogging 
Hibernate function is enabled. If you 
never use Hibernate, double-click Power 
Options in the Control Panel, click the 
Hibernate tab, and uncheck the Enable 
Hibernation box to turn it off and save 
up to 1GB of space. 

System Restore can eat up to 12% of 
your hard drive unless 
you tame it. Right-click 
My Computer, select 
Properties, and click the 
System Restore tab. 
Highlight your main 
hard drive and adjust the 
slider. (This will limit 
the number of restore 
points Windows saves.) 
Of course, if you like 
working without System 
Restore's safety net, you 
can check the Turn Off 
System Restore box. 



Terminate DLLs 

Windows can junk up its own memo- 
ry by holding onto a terminated pro- 
gram's DLLs. To stop this function, 
open the Registry Editor, right-click the 
HKEY_LOCAL_MACHINE\SOFT- 
WARE\MICROSOFT\WINDOWS\ 
CURRENTVERSION\EXPLORER 
key, click New, Key, and then name it 
AlwaysUnloadDLL. Double-click the 
Default value in the right-hand pane 
and set the Value Data to 1 . Reboot for 
this to take effect. 

Snag That Lag 

It's a new Windows installation, but 
why are Start submenus popping up so 
sluggishly? Because you need to put in 



the indispensable menu delay tweak 
that reduces this default lag. In the Regis- 
try Editor, go to HKEY_LOCAL_MA- 
CHINE\SOFTWARE\MICROSOFT\ 
WINDOWS\CURRENTVERSION\ 
EXPLORER and open the MenuShow- 
Delay Value. Change the value to 300 or 
200 and then reboot. 

Quicker Exits 

The only thing more frustrating than 
long boot times is a long shut down time. 
The widely known culprit involves 
Windows waiting for Services to shut 
themselves down first. To change this dra- 
matically, in the Registry Editor go to 
HKEY_LOCAL_MACHINE\SYSTEM\ 
CURRENTCONTROLSET\CONTROL 
where you'll find the WaitToKillService- 
Timeout. Double-click the value and 
change the Value Data to 10000 or lower 
after you try it out. Be careful, though, set- 
ting it too low can inadvertently shut down 
programs too quickly and lose data. CPU 

by Steve Smith 



Infinite lOQp 
Hydro-Power! 

■he search for natural renewable 
energy sources is ongoing, but 
Tango Group Limited is taking a whack 
at water-powered technology on a 
small scale. Tango has launched a line 
of water-powered gadgets, including 
three digital clocks, two calculators, 
and a water-powered battery (for use 
in Tango's water-powered gadgets). 
When the water evaporates from the 
device's reservoir, just fill 'em back up, 
and they're ready to go. Batteries not 
included (and not needed). 
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Explore With Konqueror 



Last month, we looked at Nautilus 
(page 98), the file manager for the 
Gnome desktop environment. 
This month, we turn our focus to 
Konqueror ( www.konqueror.org) , which in 
addition to being a Web browser, is also the 
file manager for the KDE desktop environ- 
ment. For this article we used Konqueror 
version 3.5.2, which we took from a 
Kubuntu LiveCD distro. If you're already 
using KDE, check the Konqueror version 
you have by opening Konqueror and select- 
ing About Konqueror from the Help menu. 

Find Your Way Around 

When you open Konqueror initially, it 
may greet you with a relatively bare-bones 
version. If so, you can click Settings, 
Toolbars, and Main Toolbar to display 
the Show Navigation Panel button. You 
can use this button to display a side pane. 
If you'd rather not have this additional 
toolbar shown, just close it from the 
menu. With the side pane open, however, 
you'll notice a series of tabs along the left 
that includes the options: 

Amarok — if you have the Amarok 
music utility installed, an icon of a howl- 
ing wolf is the first tab shown. Clicking it 
loads Amarok in the left pane to let you 
navigate the music-building program to 
your music collection. 

Bookmarks — loads your Konqueror 
bookmarks in the left pane. 

History — loads your Web surfing his- 
tory in the left pane. 



Home — displays a directory tree for 
your Home folder in the left pane. 

Metabar — displays data about the file 
or folder that is currently selected in 
another pane or that's entered 
in Konqueror's address bar. If 
you can perform actions on 
the file (for example, opening 
a text file with a text editor 
installed on your system), a 
list of possible actions will dis- 
play in the left pane. 

Network — an interface that 
provides easy access to major 
KDE FTP and Web resources. 

Root Folder — displays the 
directory tree for your entire 
file system in the left pane. 
This is the view many users 
unfamiliar with Linux expect 
to find in a file manager. 

Services — a catch-all interface for vari- 
ous programs and configuration options. 

System — a file-system browser orga- 
nized by drives, devices, and network 
shares rather than a directory tree. 

Control Folder Content Views 

Konqueror also offers an interesting 
selection of options for viewing the con- 
tents of a folder. You can select one of the 
various options by clicking View and then 
View Mode or use one of two view buttons 
available in the window. The view buttons, 
along with a collection of other icons, only 
appear when there are files displayed in the 



right pane. Clicking the Icon View and 
Tree View options changes the view be- 
tween displaying files and folders as icons 
and displaying files and folders as smaller 
icons with additional information attached. 
If you click and hold these buttons, a sub- 
menu appears from which you can choose a 
more detailed version of that view. These 
additional options include: 

Multicolumn View — aligns icons in 
columns instead of rows. 

Info List View — displays filenames 
and small icons in the same format as 
the Tree View but without additional 
file information. 

Detailed List View — same as the Tree 
View, but folders aren't expandable with- 
in the window. Tree View does provide 
an option to view a folder's contents 
beneath that folder. 

Text View — same as the Detailed List 
View but with no icons. 
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Home Folder 

Your personal files 



Storage Media 



M 



!l Installed programs 






Disfcs and removable media 



About Kubuntu 

Kubuntu Quick Guide , Release Notes 



Not only is Konqueror a file manager for the KDE 
desktop environment it's also a Web browser. 



Image View — a three-paned approach 
that displays a file-system tree in a far-left 
pane, thumbnails of images contained in a 
selected folder in a middle pane, and con- 
tents of a selected image in a far-right pane. 

File Size View — a two-paned view in 
which the left pane displays a file-system 
tree and the right pane displays a graphical 
representation of the selected file's size. 

Konqueror As A File Manager 

If you're using Konqueror for file-man- 
agement purposes, chances are good you 
have the side pane enabled and the Root 
Folder or Home tabs displayed. In either 
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TIPS & TRICKS 



case, using Konqueror remains the same. 
In a typical KDE setup, you open a file/ 
folder in Konqueror with a single click. 
There are typically also arrows or plus signs 
next to folders to expand them (if you're 
using a view that offers this feature). 

To move or copy a file from one loca- 
tion to another in Konqueror, just click 
and drag it to the new location, after 
which a dialog box will ask if you want to 
move or copy the file. You can also right- 
click a file you want to move or copy and 
in the resulting context menu select either 
Move To or Copy To. Selecting multiple 
files/folders works the same in Konqueror 
as in Nautilus. Just press and hold the 
CTRL key while clicking one at a time 
the files you want included. If you want a 
chunk of files that are listed in order, 
select the first file, press and hold the 
SHIFT key, and click the last file. Right- 
clicking a selected group of files will dis- 
play a context menu offering options 
beyond the standard Cut, Copy, Rename, 
and Move. Some of these include: 

Open With — a selection of applica- 
tions the OS offers to open the file/folder. 
There's also an Other option to use a pro- 
gram not shown in the menu. 

Preview In — a selection of tools for 
displaying a file/folder's contents inside 
Konqueror without needing to open a 
separate program. Other is an option 
here, as well. 

Actions — a set of common options 
related to a file. For example, options for 
a text file might include printing it, edit- 
ing it as the root user, creating a data CD 
using the K3b app, and transferring the 
file via Bluetooth. 

Compress — options for creating various 
archive types from the file/folder or adding 
the file/folder to an existing archive. 

Properties — provides a preview of the 
file's contents and opens a Properties 
dialog box for the file with options for 
viewing and altering file permissions. 

The Start Points Screen 

When you launch Konqueror, you 
should see a Starting Points screen that 
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Conquer your Desktop! 

Konqueror is your file manager, web browser and universal document 
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■ Konqueror is designed to embrace and support Internet 

I standards, The aim is to fully implement the officially 

I sanctioned standards from organizations such as the W3 and 

I OASIS, while also adding extra support for other common 

I usability features that arise as de facto standards across the 

I Internet. Along with this support, for such functions as 

I favicons, Internet Keywords, and XBEL bookmarks , 

I Konqueror also implements: 
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In addition to Konqueror's 
main toolbar at the top, the 
program also offers a side 
pane to the left where you 
can access various tabs. 
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contains various options. If not, click 
Help and Konqueror Introduction. You 
can return to this point at any time by 
opening a new Konqueror window or just 
using the Back arrow. Options include: 

Home Folder — the contents of your 
home directory. 

Network Folders — shared folders 
available via Bluetooth, Samba, and other 
network interfaces. An Add A Network 
Folder option lets you add WebDAV and 
FTP tools, Windows drives (through 
Samba), and SSH sessions. 

Applications — a list of installed pro- 
grams on the system. 

Storage Media — a list of the system's 
storage options. 

Trash — the contents of your trash can. 

About Kubuntu — in a default Kon- 
queror setup, this option points to 
Settings, which opens the KDE Control 
Center. In Kubuntu this option opens an 
About Kubuntu dialog box. 

There's also a search option in Starting 
Points that acts as a GUI to the OS' locate 
command, which helps you search for files. 

Konquer Your Desktop 

You can use Konqueror as a file man- 
ager, Web browser, and a viewer to see 
your documents, but it's also a one-stop 
interface for many KDE settings and 
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features. Think of it as KDE's Swiss Army 
Knife, compass, and everything else. For 
more tips and tricks on how to use 
Konqueror, go to the Starting Points 
screen and click Tips. This will display a 
page of hints to make even better use 
of Konqueror. CPU 

by Dee- Ann LeBlanc 
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Flash Pet Collar 

Does your dog like to run wild or 
your cat fancy an occasional night 
out on the town? If so, help keep track 
of your little critters with the MicrolD 
Collar, a device that puts a flash memo- 
ry card and USB controller right into a 
pet collar to electronically store the 
pet owner's contact information. The 
MicrolD Collar also lets pet owners store 
detailed facts about their pets, including 
medical information, related treatments, 
and any other useful information. Any- 
one who finds a lost pooch or kitty can 
then access that data by inserting the 
card into a computer. Jonathan Warren 
of West Palm Beach, Fla., invented the 
MicrolD Collar, which recently won the 
PetSafe Idea Fetch pet invention contest 
over 5,000 other entries. The device will 
be available at PETCO stores this fall. 
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Maxpoint Computer Inc. 
1733 Rowland Street 
City of Industry, CA 91748 
(626) 913-8899 
www.maxpoint.com 



Coolergiant Computer Inc. 
2955 Whipple Road 
Union City, CA 94587 
(510) 324-0688 
www.coolergiant.conn 



Shavings From The Rumour Mill 



All Roads Lead 
To Merom 



It is a fact that for the last three or maybe 
even four years, AMD has sold more note- 
books in retail in the USA than Intel. It is also 
a fact that for the same period of time Intel 
has sold more of its branded Centrino 
machines to large organisations than AMD. 

That could be about to change, but the 
uncertainties in the notebook market — especially 
now that we're finally getting gaming and good 
graphics support as well as larger screens — make 
it hard for anyone, least of all AMD and Intel, to 
be sure what's going to happen. 

First, the bad news: Despite their best 
efforts, neither Intel nor AMD have managed 
to design crafty CPUs that significantly extend 
a notebook's battery life. Indeed, our impres- 
sion is battery life has dropped, and the reason 
is clear to see. Screen sizes have got bigger, and 
whenever you rev up a processor and chipset, 
it's inevitable that the overheads in terms of 
power consumption increase, as well. There's 
no getting away from it. 

Oh, there's more bad news. Fuel cell tech- 
nology is still in its infancy, and even research 
and development-intensive Intel hasn't man- 
aged to come up with a viable design. A recent 
report suggested Casio could be on the verge 
of a breakthrough, but "could be" is a long 
way from a product you can buy, so we're a 
few years away from 20-hour notebook bat- 
tery life, still. And very unfortunately. 

Still, using CPUs designed for notebooks 
but with a power socket is a great idea; we're 
seeing such machines from Intel during the 
course of this year. They'll be quiet and 
power-efficient. They'll also be expensive, but 
this is the PC industry. 

Via's latest CPU is not on the side of power 
intensive at all, and one or two PC firms have 
already started selling machines using the tech. 
Guess what? They're still going to cost you 
around $500 or so, and that's because of the 
high cost of the other components surround- 
ing a CPU. Although notebook LCD panels 
continue to fall in price, add in a copy of 
Microsoft Windows XP Home, a reasonably 



sized hard drive, other bundled software, 
memory, connectors, and the rest, and it's 
hard even for a Via-based system integrator to 
compete with the likes of Dell and HP. 

This brings us back to Intel Merom, the 
dual-core CPUs that Intel will introduce at 
the end of this year in desktop, mobile, serv- 
er, and Apple versions. We managed to get 
some details of these processors between the 
last column and this — they are, as we pre- 
dicted a good while back, 64-bit ready, but 
that doesn't matter too much. By the end of 
this year, almost every X86 CPU will be 
dual-core and 64-bit capable, well before any 
consumer Windows operating system is 
ready, according to all accounts. 

It's likely Microsoft will introduce versions 
of Vista which are 64-bit capable in time for 
the massive onslaught from both AMD and 
Intel, but we very much doubt that any but 
the most dedicated CAD, design, and data- 
base vendors will have software waiting for 
the processors. Microsoft may make some 
gestures toward 64-bitness with the introduc- 
tion of Office 2007 in, er, 2007, but no one 
is really expecting the software vendors to put 
their weight behind this in what still seems 
like the early years. 

Nor will you find many firms making drivers 
to join the 64-bit bandwagon, we predict. Few 
enough rushed to support Windows XP 64 
when that came out, and that means they'll 
want to keep their current peripherals compliant 
with 32-bit Windows, especially as not everyone 
will want to join the Microsoft Vista band- 
wagon for a while yet. 

And because Intel Hyper-Threading is 
rather a defunct technology now that dual 
cores have come along, you're unlikely to see 
any vast improvements in performance 
because the clock speeds are going to be pretty 
similar anyway. 

Except, possibly, in the case of Apple 
machines. Because they run Mac OS X and a 
driver port is theoretically easier for this OS 
than for Microsoft. A 




Send rumours to "Mad Mike" Magee at Mike@cpumag.com. 
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Power Management: 

From The Edge Of Mobility To The Center Of The Enterprise 



Guest Column 
by Phil Hester I 



For years, "power management" was a term 
rarely heard in processor or system design 
circles, unless you happened to be designing a 
new notebook PC or mobile phone. The 
"clock race" around desktop and server com- 
puting resulted in power consumption and 
management taking a back seat to speed. But 
recently, three parallel trends have moved the 
topic of power management to the forefront 
of processor and system design. 

First, the emergence of mobile computing as 
a critical mode of computing focused attention 
on some very real challenges around improving 
battery life and lowering heat . . . and the solu- 
tions for mobile computing began to flow across 
the entire computing spectrum. 

Second, the increasing power densities that 
were part and parcel of the clock-rate paradigm 
were becoming increasingly problematic. You 
simply couldn't cool things efficiently anymore. 

The emergence of dual-core and multi-core 
was the final element that brought power man- 
agement into the spotlight as a critical design 
consideration. How loads run on different cores, 
how they can be managed more efficiently, and 
how we continue to add more and more intelli- 
gence inside the processor, all have helped to 
focus attention. End-user demand for lower 
power solutions is growing rapidly across all 
industry segments, led by enterprise customers. 

In the spirit of disclosure, I queried some of 
my colleagues in AMD's technology develop- 
ment group about their experiences and obser- 
vations on the power management topic, so 
this article also reflects their contributions. 
Since power management is such a huge focus 
for us at AMD, I thought I might get some 
interesting responses. Here are a couple of 
data points that rarely make it to the surface: 
• For every watt consumed by a typical comput- 
er, the physical server/computer installation 
requires two additional watts, most of it for 
cooling. When you consider the average cost 
of a commercial kilowatt/hour in October 
2005 was 8.89 cents, and multiply that by the 
sheer number of desktops and servers in use, 
you can see why IT managers are paying a lot 
of attention to power consumption. 



• A 120-watt processor pulls 100 amps of 
current, while a washing machine draws 
five to 10 amps. Talk about dirty laundry! 

In all seriousness, power management is very 
complex and not always understood at the user 
level. The multi-faceted and pervasive nature of 
power will demand clever and creative ways to 
overcome the limits of technology scaling and 
power density at the silicon level. Just as the 
industry did with increasing overall perfor- 
mance, power efficiency advances are a system- 
wide phenomenon. Even as AMD continues its 
pioneering work on "performance-per-watt" as a 
design goal, there remain tremendous opportu- 
nities at multiple levels of the overall solution. 

At the process level, for example, our R&D 
teams are consistently creating higher perfor- 
mance, more power-efficient transistors. To 
ensure we stay at the forefront of processor per- 
formance-per-watt, we have set a goal of intro- 
ducing these new transistors about every quarter, 
continuing the rate of technology improvement. 

At the design level, we are investigating new 
ways of increasing power efficiency by control- 
ling the individual power envelopes for each of 
the cores within our multi-core designs. 

With the emergence of 64-bit desktop OSes 
and applications, the push to parallelism on the 
desktop gives us opportunities to think more sys- 
temically about power efficiency in the context 
of multithreaded applications, for example 
aggressive use of "P-state" and "C-state" at the 
OS level to autonomously mange power. While 
multi-core inherently gives power efficiency a 
boost today, there's much more to come in time. 

One of our most important goals in this effort 
is to deliver maximum performance, per watt, 
per dollar, per square foot in the data center. 
When you look at the true "total cost of owner- 
ship" of a PC, power becomes just as critical a 
component as software or support. Even as we 
approach some limitations (like voltage scaling) 
and opportunities (like new materials and pro- 
cesses) it's clear that power management and 
efficiency are now integral considerations for any 
processor design. The power imperative has 
moved from the edges into the mainstream. A 
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Contact our specialists at 
1-S00-9SS-4224 



Or on the web at 

\ www.directron.com/asus.html 



ASUS Z62F 
barebone notebook 

Powerful and small solution at an 
affordable price 

• Intel Yonah Processor with 2M8 On-Die 
L2 Cache (Dual or Single core} 

• Speeds from 1,5+ GHz, uFC-PGA Package 

• Or Mobile Intel Celeron -M Processor 
(Yonah) 1M On-Die L2 Cache 

-Intel 945GM & ICH7-M Main board Chipset 

• 14" WXGA (1280x800) TFT display 

• 2 x SODIMM Dual Channel Slots (ZGBJ 
« DVD + CD-RW Combo 

. Embedded Intel 945GM Video 

• Support wireless 802.11 a:'fa/t) 

• Fast Ethernet / Gigabit Ethernet 

• Modem supported V.90 and universal PPT 

• 2. 5 -inch ultra -slim 9.5mm HDD, capacity 
of 60/80/100/120 G5 and 4200 & 5400 RPM 

• Interchangeable DVD+CD-RW Combo 
module or DVD+/- RW module 

• Dimension: 13,15" % 9.9" x 1.00 "-1,4" 

• One year limited warranty 



ASUSZ71V 
barebone notebook 

The most flexible high 
performance solutions for users 

• Intel® Pentium® M Processor with 2MB on- 
die cache 

• Speeds at 1.67Ghz-2.5QGhz{Dothan}, 400 & 
533MHz FSB; 

• Mobile Intel Celeron M Processor with 
512K/1MB on Die L2 Cache 

• Speed from 1.3Ghz-1.7+Ghz 

• Intel® 91 5GM chipset 

- 15.4" WSXGA+ (1680X1050) TFT Display 

• 2x SO-DIMM socket expandable to 2GB 

• PCI Express NVIDIA $600-1 28MB 

• 2.5- inch ultra-slim 9.5mm SAT A/PAT A HDD, 
capacity 

• Built-in card reader: SD/MMC/MS/MS Pro 

• Interchangeable DVD+CD-RW Combo 
module or DVD+/- RW module 

> 5 button Instant launch keys 

• Microsoft Windows XP Supported 

• Dimension: 14.0" x 10.8" x 1,4" 

• Weight: 6.6 lbs 

. One year limited warranty 

> Optional: 2nd HDD housing, 2nd Battery 

• fi'i'*-' Notebook carrying bag 



ASUS A8N32-SLI Deluxe 
Motherboard for AMD® 

Latest Dual PCI-E x 16 and 
Dual-Core CPU Ready 

. Socket 939 for AMD® Athlon™ 64 FX / Athlon 
64 X2 / Athlon 64 / Sempron™ processor 

• NVIDIA nForce™4 SLI X16 

• 2000 / 1600 MT/s Front Side Bus 

• Dual channel memory architecture 

4 x DIMM, max. 4GB, DDR 400 / 333 / 260, 
ECC, non-ECC, un-buffered memory 

• Dual Gigabit LAN 

- ASUS PEG Link for dual PCI Express graph- 
ics cards 

• Support two SLI-ready graphics cards 
. 4 x Serial ATA 3 Gb/s 

• 2xUltraDMA 133/ 100/66/33 

• NV RAID: RAID 0,1,0+1,5 

• Coaxial / Optical S/PDIF out ports en back I/O 

- 2x PCI-E x16 with SLI 1 " 

• 1 x PCI-E x4, 

• 3 x PCI 2.2, 2 x IEEE 1394a 
. 10 x USB 2.0/1.1 

• Reaitek® ALC850 3-channel CODEC 

• 3- V ears Manufacturer warranty 




ASUS 19" LCD Monitor 
MM19SE w/ speakers 



contrast, image sharpness & brightness. 

• 19" TFT LCD Monitor with Splendid 
Video Intelligence Technology* 

« SXGA 1280x1024 Resolution 

• 8ms Response Time 
« 700:1 Contrast Ratio 

• 400cd/m2 Brightness 

• 0.264mm Pixel Pitch 

• 16.2M Display Colors 

. 5 Video Preset Modes (by hotkey) for Color 
Scenario Selection 

• 1.2W x 2 Stereo Built-in Speakers 
. Viewing Angle (H/V): 150°/130' 

• VESA Wall Mount 100 x 100 mm. 

• Dimensions: 423 x 429 x 215 mm (W x H x Dj 

] Splendid Video intelligence Technology 
carefully evaluates every pixel in every frame 
and dynamically adjusts thaw according to 

conditions most favorable to the human eye. 
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HSPC TeCh Station Fast-Access Computer Case! 

" The Tech Station (patent pending) is a hardware workbench 
bringing PC parts within easy reach yet keeping them safe and 
secure. Perfect for PC builders, upgraders, and over/dockers." 



- New! Secure rubberized 
motherboard standoffs 

■ HDD storage/cooling rails for up 
to two 3.5" hard drives 

- AGP/PCI card support brace w/ 
thumb screws (no loose add 

in cards!) 

- ATX Control Kit (mini power/reset 
switches, LED s, speaker) 

-120mm fan for ideal cooling 

- Antistatic and non-conductive 5 
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Systems With Style 



"HYPERKORE IS JUST MORE THAN TWO YEARS OLD . 
YOU WOULDN'T KNOW IT THOUGH, BROWSING 
ITS SLICK WEBSITE OR PLAYING 
GAMES ON ITS HIGH-END 
HK-XTREME." - CPU MAG. 

• Intel and AMD 

- PCI Express/SLI 

- 3 Year Warranty 

- HD Audio 

- Gigabit LAN controllers 

- Overclock capable* 

- LASER ETCHED WINDOW* 

- Custom Lighting* 

- Custom Wire Management 

- Personalized owners manual 

- System Wide Performance Tuning 
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DEAR GOD, WHAT A MACHINE. Just playing in 

the fiery depths of hell never sounded, 

nor looked, so damn good. 

OVERALL RATING 11/10 !!" 

- FastLaneHW.com 

"... I guarantee that their work is 
going to blow the others away . 
If you desire Professionalism and 
Quality in a company then I say use 
Hyperkore!" - satisfied customer 
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Technically 




An Interview With Katherine 
Albrecht, Author & RFID Watchdog 

Katherine Albrecht has been called the Erin Brockovich of 
RFID. She defines a consumer privacy expert, however, as 
"someone who pays attention to the risks that consumers run 
when they go about their regular business." Albrecht's actions 
would seem to back up her words. She's the founder and direc- 
tor of CASPIAN (Consumers Against Supermarket Privacy 
Invasion and Numbering), a consumer watchdog group that 
has more than 12,000 subscribers to its Web site (www 
.nocards.org ) and representatives in all 50 states and 30 coun- 
tries. Albrecht, who's finishing up a doctorate degree in con- 
sumer education at Harvard University, is also the co-author of 
"Spychips: How Major Corporations And Government Plan 
To Track Your Every Move With RFID." 

by Barry Brenesal 




CPU: What is your main concern about 
RFID technology? 

Albrecht: It's an incredibly powerful 
technology that easily lends itself to abuse. 
RFID readers can be placed invisibly in the 
environment. RFID tags can be placed on 
clothes and in people's belongings. And 
maybe the most worrisome part is that the 
companies that are aiming to put the read- 
ers in the environment and the tags into 
people's belongings have spelled out some 
pretty frightening plans for how they hope 
to abuse the technology — literally to use it 
to spy on people. 

CPU: What could RFID tagging track? 

Albrecht: Probably the best example is a 
patent from IBM called "Identification and 
tracking of persons using RFID-tagged 
items." They filed it a few years back. IBM 
has been in on the RFID/EPC (Electronic 
Product Code) formal plan for many years. 
Essentially, what they describe is a system 



whereby when a consumer made a pur- 
chase, the consumer's identity would be 
linked with the unique number on the 
RFID tag at the point of sale. It's stored in 
the database. Right now, there are compa- 
nies that specialize in consolidating that 
point-of-sale information from various 
retailers. In fact, one company, IRI (Infor- 
mation Resources, Inc.), states that they 
consolidate information from over 30,000 
different retail locations into centralized 
databases. The concern is that this informa- 
tion would be linked, so that instead of 
knowing that I wear size 7 Nike running 
shoes, they would know I wear size 7 Nike 
running shoes with a unique ID number. 
And as IBM goes on to explain it, now that 
you have this link between the individual 
and the item, when those people walk 
around, you capture the unique RFID 
numbers from their belongings by hiding 
reader devices in the environment. Then 
you can cross-reference them in your data- 
base and have a pretty good sense of who 
just walked by [the hidden reader]. They 



recommend it both for identifying and 
tracking people as they move around in 
public locations and quasi-public locations, 
such as retail stores. They also recommend 
using it for marketing purposes. One exam- 
ple they gave is looking in a woman's bag 
because the radio waves from RFID travel 
directly through what we usually rely on to 
protect our privacy, like backpacks, bags, 
and purses. If she's carrying a baby bottle, 
then they recommend interactive electronic 
advertising to spam her with environmental 
ads of other baby products. 

CPU: Any mention of looking inside 
someone's bag is going to raise the hackles 
of a lot of people, but realistically how far 
away can a company track RFID tags? 

Albrecht: It depends on what kind of 
tag you have, what the frequency is, and 
the strength of the reader. For the 
13.56MHz tags that they're talking about 
doing item-level tagging and barcode 
replacement, you'd probably get about 3 
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to 5 feet of read range. And obviously, 
with 3 feet of read range, you could read 
tags on somebody going through such a 
doorway. We also found that Philips Elec- 
tronics has developed an RFID antenna 
that can be invisibly woven into a shoe. It 
can be read from reader devices in the 
floor — and try getting more than an inch 
away from the floor. You don't need a lot 
of read range to read somebody who's lit- 
erally standing on top of your reader. 

Not only does IBM want to use this to 
identify and track people for marketing pur- 
poses, they recommend putting this tech- 
nology into the hands of law enforcement. 
They give their list of locations where they 
think it would be appropriate to place these 
[tag readers] that — the hair stands up on the 
back of most people's necks — museums, 
libraries, shopping malls, sports arenas, the- 
aters. They even talk about putting RFID 
readers in public restrooms. The concern is 
that as you walk around, you could be iden- 
tified with a form of Virtual frisk' based on 
all your possessions. That's why I think 
RFID is particularly insidious — because you 
can do it invisibly, silently, and secretly. No 



from a satellite, as in finding a hiker lost in 
the woods. You're not going to be able to 
read their implant from a satellite. You're 
not even going to be able to read it from 
across the road. 

CPU: So the main problem isn't the dis- 
tance a RFID tag can be read but rather the 
quantity and quality of information that's 
shared through the use of the technology? 

Albrecht: The developers of that tech- 
nology are the people who actually envi- 
sion a network of readers that would be 
everywhere. If and when that does occur, 
when every doorway is rigged with an 
RFID reader, when every doormat has 
one in it, when these are in shelving and 
ceiling tiles, it becomes an issue of distrib- 
ution and instant computer analysis. 

CPU: On the Web site 463: Inside Tech 
Policy, it states, '. . . beyond electronic 
payments, RFID technology is still a far 
ways away from moving from the pallet 
to the product level.' Would you object to 



dollars of investment. It's a sleeping giant 
because the industry has kept its growth 
and advancements out of the public eye. 
You've got corporations and governments 
pouring huge sums of money into develop- 
ing the superstructure, and you've got the 
average citizen having no input into that 
decision-making process because they're 
not even aware that this is going on. 

CPU: Can effective legislative controls 
be put on RFID tagging and reading? 

Albrecht: I really don't believe that the 
answer to solving our privacy problems is 
going to the legislatures with our hats in 
our hands and asking for help. The one 
role I think is appropriate for legislation is 
to make sure people know where the 
RFID tags are. Some consumers will 
choose to embrace them and seek out 
products using RFID. I say more power 
to them. Other people will choose to 
avoid products containing RFID. But let 
consumers make that decision. Let the 
marketplace decide. 



We oppose RFID tagging when it winds up in the hands of the 

Consumer, period . — Katherine Albrecht 



one need ever know that you did it. So if 
you are a marketer, you could use that in 
a lot of sneaky ways. If you are a govern- 
ment agent, then it starts becoming 
downright chilling. 

CPU: Do you see positive benefits for 
some uses of RFID tags? What about tag- 
ging small children in a mall, which the 
Legoland Denmark theme park is reported- 
ly pursuing? Tagging some pets? Tagging 
criminals in minimum-security facilities? 

Albrecht: Regarding the theme park, I'd 
like to actually look at the reports on that 
and see what they're doing. I know that in 
Mexico the news reports suggest RFID will 
prevent kidnappings, so people are encour- 
aged to sign up and get VeriChip implants. 
But I really think they're relying on the 
misconception that an implant can be read 



RFID tags on packaging as opposed to 
the label or product? 

Albrecht: We oppose RFID tagging 
when it winds up in the hands of the con- 
sumer, period. As far as the packaging 
goes, we found one patent by an IBM- 
supplier company called Isogon [IBM 
acquired Isogon in July 2005] for a reader 
device that can be put on the side of a car. 
You can drive down the street on garbage 
collection day and scan people's trash. 

CPU: So is the RFID industry growing 
too quickly? 

Albrecht: Beyond a doubt. There have 
already been hundreds of millions of 



CPU: Can you foresee a situation where 
the majority of consumers don't care, and 
you'll have to buy and use products that 
employ RFID tagging? 

Albrecht: That could happen. That is 
one of the risks of letting the market 
decide. 

CPU: Then that gets back to the issue of 
legislation as a prophylactic. 

Albrecht: The heavy-handed legislative 
solution would say this stuff is dangerous, 
therefore ban it, limit it, control its use. 
And there are many privacy organizations 
out there that advocate that approach. 
CASPIAN just is not one of them. CPU 



CPU 
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What's Cooking 



Under Development 

A Peek At What's Brewing In The Laboratory 



by Kristina Spencer 



Wi-Fi Catches The mmWave 



Nothing ruins the eye candy of a sleek 
wall-mounted flat-screen TV like the 
bundle of cables required to connect the TV to 
the DVD player, cable box, and other periph- 
erals. Although you can organize, disguise, or 
hide the wires, the speed and data transmission 
limitations of current Wi-Fi technology present 
a serious hurdle for any digital aesthete looking 
to cut the cords. But this may soon change. 

Scientists at IBM's Thomas J. Watson 
Research Center recently announced a new 
chipset that's capable of transmitting and 
receiving data at up to lGBps, bringing the 
dream of wireless HDTV much closer to 
reality. Operating at 60GHz in an unli- 
censed portion of the radio spectrum known 
as the mm Wave (millimeter wave) frequen- 
cy band, the chipset makes use of shorter 
wavelengths that transmit data much faster 
than today's Wi-Fi (which uses 2.4GHz or 
5 GHz bands) can. An additional benefit of 
mmWave technology is that its transmission 
range, limited to about 30 feet, creates a 
WPAN (wireless personal-area network) 
inaccessible to neighbors or passers-by, mak- 
ing WPAN far more secure than wireless 
LANs that can transmit up to 150 feet. 



There have been previous attempts to har- 
ness mmWave frequencies for data transmis- 
sion, but they resulted in expensive, bulky 
solutions. IBM researcher Brian Floyd 
explains that the new technology improves 
on these past attempts in several ways. "Our 
chipset uses IBM's standard silicon technolo- 
gy and integrates all analog portions of the 
radio. Additionally, we have embedded the 
antennas directly into the package, where a 
prototype module consisting of a receiver, 
transmitter, and two antennas occupies an 
area the size of a dime." 

"In the end," Floyd says, "this results in a 
very low-cost solution that should allow 
60GHz to have much broader marketability." 

Once the technology is refined and an 
IEEE standard is approved (currently in the 
early stages in the 802.15.3c working group), 
IBM hopes electronics manufacturers adopt 
the technology very quickly. Floyd believes 
consumers could begin seeing 60GHz prod- 
ucts — such as wireless HD multimedia inter- 
faces on TVs and peripherals and WPANs 
used to connect various home portable 
devices — hitting the market within two to 
four years. A 



Philips has created the first fully functional 13.56MHz all-plastic RFID tag, 
which is paper-thin and no larger than a postage stamp. 




RFID Tags Go Plastic 

The ability for manufacturers to place 
RFID tags on every item they make 
and sell could be a retailer's dream but a pri- 
vacy advocate's nightmare. Tagged items 
would make it easier and cheaper to track 
inventory during shipping and while on the 
shelves. But some consumer watchdog 
groups are concerned someone could use 
active RFID tags to track items and those 
who use them after the items leave the store. 
(See page 104 for more on RFID tags.) 

The debate has remained academic thus 
far, as item-level tagging hasn't been feasible 
partially because of the cost of manufactur- 
ing silicon-based RFID tags. Scientists at 
Philips Research in The Netherlands, how- 
ever, have created a fully-functional RFID 
tag based completely on plastic electronics. 
The paper-thin, postage stamp-sized tags 
can transmit ID codes at the industry-stan- 
dard 13.56MHz, and no complex assembly 
steps are required to print the tags (and an 
antenna) directly onto a plastic substrate. 

The scientists also developed a 64-bit 
code generator to show that circuits com- 
plex enough for item-level tagging is possi- 
ble with the plastic electronics. "We have 
proven that the number of bits of the iden- 
tification code is not the limiting factor in 
plastic RFID," says Steve Klink, senior com- 
munications manager for Philips Research. 
"So whatever amount of bits the standard 
will require can be realized in plastic RFID." 

Klink notes that while photolithogra- 
phy was used to make the tags, "to fully 
exploit all the benefits of plastic electron- 
ics for RFID applications, the tags would 
have to be manufactured by in-line pro- 
cessing (printing steps) instead of batch 
processing (photolithography)." 

The sale of plastic RFID tags is still a 
ways off. Klink says, "We have shown the 
technical feasibility of plastic RFID tags; 
the next step is to demonstrate the produc- 
tion feasibility. This will still take a couple 
of years of research." A 
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Color- Coding The Web 



*••*• 
***** 
***** 
***** 
***** 

You're reading a magazine 
or watching TV when an 
ad catches your eye. You make 
a mental note of the Web site 
address, intending to surf to it 
later when you're at your com- 
puter. The moment passes, 
however, your attention moves 
on, and you never follow up. 
Imagine instead that you can 
aim your cell phone or PDA at 
a small, colorful image in an 
ad, click, and download data 
on the spot relating to the 
product or company. 



That small, colorful image is 
a ColorCode, and ColorCodes 
are starting to make a splash in 
Japan and South Korea where 
codes are showing up in print 
media, TV, clothing, and on 
postage stamps and at art gal- 
leries. A company called Color- 
zip is now marketing the tech- 
nology, which Korean research- 
ers first developed in 2000. 

Think of ColorCodes as 
barcodes but better. While bar- 
codes differentiate between 
items through a very intricate 
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pattern of lines, a standard 
ColorCode uses four colors 
arranged into a 5- x 5-cell 
block that's much easier for 
scanners to read, even at long 
distances and with poor resolu- 
tion. Codes can be as small as a 
3mm square with no upper 
size limit and can be easily 
incorporated into company 
logos and graphic designs. 

Each unique ColorCode is 
indexed on a central server and 
linked to a piece of data, be it 
text, video, photo, music, or a 



Want Email Out Of Your Inbox? Step On It! 



Even with a well-config- 
ured spam filter, infor- 
mation workers and heavy 
email users may have to still 
scan and delete dozens, if not 
hundreds, of email messages 
every day. But what if instead 
of having to use a keyboard 
and a mouse to perform this 
repetitive task you could use 
another body part? Say a foot 
or two? 

That is the idea behind 
StepMail and StepPhoto, two 
programs recently demonstrat- 
ed at Microsoft Research's 
TechFest 2006. The Step User 
Interface Group designed the 
programs and tested them 
using a small group of partici- 
pants as a possible solution to 
combat rising incidents of 
repetitive stress injuries and 
soaring obesity rates among 
information workers. 



Using a Dance Dance Rev- 
olution floor pad as the input 
device, StepMail lets users 
scroll through, open, delete, 
and flag messages for later 
response. StepPhoto lets users 
sort through and review digital 
photos in a similar manner. 
Different step commands — 
single step, step and hold, and 
a dual step requiring a jump — 
accomplish the various actions 
in both apps. Not surprisingly, 



the dual step, which lets users 
delete mail with a satisfying 
stomp of the feet, proved the 
most enjoyable action, accord- 
ing to comments from those 
involved in the study. 

Because the Step User In- 
terface programs provide no 
way of actually entering text, 
the apps weren't intended as a 
replacement for a mouse and 
keyboard. "We wanted to pro- 
vide an alternative," says Brian 




Web site link. When reader 
software that's installed on a 
device with a CCD/CMOS 
camera (such as a cell phone) 
scans the code, it's transmitted 
to the server, which then deliv- 
ers the linked content. 

One potential downside is 
that because someone could 
scan and print ColorCodes, he 
could alter a ColorCode in a 
way that could re-route the 
code to a different piece of 
data. Unless this vulnerability is 
addressed, the technology isn't 
a likely candidate for any trans- 
actions requiring secure access. 

Although you will need to 
visit Japan or Korea to see 
ColorCode in action, that may 
not be the case for long. Ac- 
cording to Colorzip's Web site, 
it has three patents pending in 
the United States and is cur- 
rently "considering USA and 
Europe operations." A 



Meyers, a Step User Interface 
Project Group member, in a 
Microsoft press release. "By 
allowing information workers 
to stand and continue to read, 
delete, and flag email messages, 
StepMail gives them a break 
from the keyboard and mouse, 
which reduces the risk of 
repetitive stress injury in their 
hands and wrists and engages 
more of their bodies' muscles." 
Don't expect the next release 
of Outlook to come with a 
dance pad included, but alter- 
native user interfaces based on 
this research could eventually 
find their way into Microsoft 
products. The Step User Inter- 
face Group plans to continue 
exploring such improvements 
to the system as voice-assisted 
text entry and smaller and 
more portable input devices. A 
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Q A m Robert & 
Richard Garriott 



Robert and Richard Garriott 
have been making video 
games together for more 
than 25 years. Richard pub- 
lished his first game, Akala- 
beth, for the Apple II computer in 1977. 
Robert was an "overeducated" older 
brother collecting degrees until he started 
collecting money from Richard's early 
publishers. Together the Garriott brothers 
co-founded Origin Systems in 1983. At 
Origin, Richard focused on creating games 
such as the Ultima fantasy role-playing 
game series; Robert worked on the busi- 
ness side. In 1992 Electronic Arts bought 
the company, but Richard stayed on to 
create Ultima Online. The Garriotts 
joined NCSoft in 2001. The Academy of 
Interactive Arts & Sciences and the Game 
Developers Choice Awards recently hon- 
ored Richard with a lifetime achievement 
award. He's also working on his next 
online game, Tabula Rasa (as of this writ- 
ing). Robert is the president and CEO the 
North American subsidiary of NCSoft in 
Austin, Texas. 

C After 25 years, what are some of 
the things you're still learning 
about games and who plays them? 

RWe get new surprises every year. 
When we launched Ultima Online 
in 1997, we built a virtual landscape. We 
get a million people to move in. But only 
10 to 20 are in the city. Things go horribly 
wrong. And you, as the designer, didn't 
have any way to communicate to players 
what went wrong. We observed emergent 
behaviors. We spent a lot of time building 
things. We built a virtual economy. The 
herbivores would multiply in one area. The 
predators would come in and eat the vil- 
lagers. Players came out in force and killed 
off all of the predators. Then the herbivores 
would multiply. 

What are you trying to do to make 
your games popular? 



^ j We're only now just 
1 1 getting out our 
online games. Ultima 
Online, EverQuest, and 
World Of Warcraft are first- 
generation games, meaning 
the teams that made them 
did not do much before that. 
They are medieval fantasies where 
you're grinding through levels. The 
pace is plodding. You constantly re- 
spawn your avatar. Now with Guild 
Wars and City Of Heroes, with 
Auto Assault and Tabula Rasa, these 
are more fast-paced games. They're 
action-oriented. The play is more 
dynamic. The entire stage of the 
play environment changes over time. 
You get story lines. 

Is there a limited number of people 
interested in these games? 

3^N World Of Warcraft has passed 6 

\\J million subscribers, and people 
say that it's the limit. It's hitting new lim- 
its every day. In South Korea we did well 
with Lineage, another medieval role-play- 
ing game. The original game had a great 
number of subscribers. Now there are still 
a lot of concurrent users. When World 
Of Warcraft came out, people said that 
Lineage would go away, but both games 
still have big numbers. 

City Of Heroes has been a suc- 
cess for NCSoft even with a 
smaller number of subscribers. How 
many subscribers do you really need to 
make money? 

3^ About 100,000 subscribers. The 
1 \J problem is that product develop- 
ment costs are skyrocketing. In 200 1 , it 
cost about $5 million to make a quality 
game. Now it's $15 million to $25 mil- 
lion. The return on investment has not 
gone up three to four times. You still need 
the 100,000 subscribers to make a profit, 




but the real number you need to make 
your development costs back is higher. 



Q 



What are some of the opportunities 
for NCSoft in the U.S. market? 



^ ^^ If you look at the fantasy role- 
l \J playing online game, it's about 
80% of the online games market now. 
But as a genre, it's a very small part of 
the overall games market. That's an 
anomaly. NCSoft is still the top compa- 
ny in the medieval/fantasy role-playing 
market. We love it, but there is more we 
can do. There are all these other genres 
that no one is doing. 

What's in the future for online 
gaming? 

^}f\ Online invisibility. You used to 
\\J be able to tell who was a com- 
puter-controlled, non-player character 
and who was a real person. Over time it's 
harder to tell the difference. You will go 
into the game, and you won't know who 
is real. You can be online, and it's going 
to be invisible to the other player, where 
he can't tell the difference. A 

Subscribers can go to www.cpumag.com 
/cpujun06/garriott for bonus content. 
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